Development

Agentic AI Red Teaming Intermediate - 5 days - 4800€ excl. VAT

Description

The development of agentic architectures marks a major technological breakthrough, transforming passive LLMs into proactive systems capable of orchestrating complex workflows where traditional algorithms reach their limits. This evolution enables the design of autonomous systems capable of reasoning, interfacing with third-party tools and databases, while maintaining a controlled and secure execution framework.

This five-day training course teaches the skills needed to design these next-generation agents. The instruction is built around a practical thread: the complete development of a Red Team agent dedicated to reconnaissance and vulnerability identification. Participants will learn to work with state-of-the-art models, whether remote (Anthropic, OpenAI) or local (Ollama), and to integrate them into robust multi-agent architectures.

  • 5 days (35 hours)

  • Development of an agent for reconnaissance and vulnerability detection

  • Advanced use of the Model Context Protocol (MCP) and smolagents

  • A Python development environment and access to the models used are provided

Objectives

  • Understand the reasoning principles of LLMs and autonomous loop architectures (Thought-Action-Observation)
  • Master the integration of tools and services via MCP to extend agent capabilities
  • Design and secure a multi-agent infrastructure capable of managing context, memory, and code execution

Public and prerequisites

This training is designed for technical professionals looking to develop their skills in AI-based autonomous systems engineering. It requires a strong familiarity with modern development environments.

  • Software developers (intermediate to experienced)

  • Penetration testers and security researchers

  • SecDevOps engineers

A solid background in Python programming is essential. Participants should be familiar with the Linux command line and have a basic understanding of networking (TCP/IP, HTTP). While an interest in the LLM ecosystem is a plus, no prior AI knowledge is required.

Content

Day 1

Introduction to agent development: Key concepts of inference, state of the art of models (API vs. local), hardware sizing, and overview of frameworks. Scripting of queries to inference engines (online/offline) and programming of a first simple agent.

Day 2

Agentic Architecture and Tool Use: Thought-Action-Observation loop and stopping conditions. Function calling and argument typing. Agent architecture and specialization. Development of custom Python tools (tool calling). Implementation of a multi-agent architecture with orchestrator, worker, and analyzer. Implementation of a CodeAgent that executes generated code in an isolated sandbox.
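The loop described for this day, as an added illustration rather than course code: the model is a scripted stand-in so the run is offline and deterministic (a real agent would call a remote or local inference API in its place), the two tools and the host inventory are constructed, and the loop stops on a final answer, on a step budget, or on output it cannot parse. Tools are dispatched by name from an allow-list, never by evaluating model output.

```python
"""Thought-Action-Observation loop with explicit stopping conditions.

Added illustration; not course code. The model is a scripted stand-in so the
loop runs offline and deterministically; a real agent would call a remote or
local inference API in ``complete`` instead. Hosts and tool results are constructed.
"""
import json
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

# Constructed inventory standing in for real scan targets (not real hosts).
FAKE_HOSTS = {"10.0.0.5": {"open_ports": [22, 80], "banners": {80: "nginx/1.18.0"}}}


def port_scan(host: str) -> str:
    """Tool: list open ports of a host from the constructed inventory."""
    info = FAKE_HOSTS.get(host)
    if info is None:
        return f"error: {host} is not in scope"
    return json.dumps({"host": host, "open_ports": info["open_ports"]})


def banner_grab(host: str, port: int) -> str:
    """Tool: return the service banner on host:port, if any."""
    return FAKE_HOSTS.get(host, {}).get("banners", {}).get(port, "no banner")


# The only functions the agent may invoke: dispatch is by name, never by eval().
TOOLS: Dict[str, Callable[..., str]] = {"port_scan": port_scan, "banner_grab": banner_grab}


class ScriptedModel:
    """Replays fixed turns. Each turn is the JSON a real model would emit:
    {"thought": ..., "action": {"tool": ..., "args": {...}}} or
    {"thought": ..., "final": ...}."""

    def __init__(self, turns: List[str]):
        self._turns = list(turns)

    def complete(self, messages: List[dict]) -> str:
        # An exhausted script keeps re-issuing the same call: a model stuck in a loop.
        if self._turns:
            return self._turns.pop(0)
        return json.dumps({"thought": "retry", "action": {"tool": "port_scan", "args": {"host": "10.0.0.5"}}})


@dataclass
class AgentResult:
    answer: Optional[str]
    stop_reason: str          # final_answer | max_steps | malformed_output
    steps: int
    transcript: List[dict] = field(default_factory=list)


def run_agent(model, task: str, max_steps: int = 5) -> AgentResult:
    """Thought -> Action -> Observation until a final answer or a stop condition."""
    messages = [{"role": "user", "content": task}]
    for step in range(1, max_steps + 1):
        raw = model.complete(messages)
        try:
            turn = json.loads(raw)
        except json.JSONDecodeError:                  # stop condition 3: unparseable output
            return AgentResult(None, "malformed_output", step, messages)
        messages.append({"role": "assistant", "content": raw})
        if "final" in turn:                           # stop condition 1: the model is done
            return AgentResult(turn["final"], "final_answer", step, messages)
        action = turn.get("action") or {}
        name = action.get("tool")
        if name not in TOOLS:                         # unknown tool: refuse, feed the error back
            observation = f"error: unknown tool {name!r}"
        else:
            try:
                observation = TOOLS[name](**action.get("args", {}))
            except TypeError as exc:                  # wrong or missing arguments from the model
                observation = f"error: bad arguments: {exc}"
        messages.append({"role": "tool", "name": name, "content": observation})
    return AgentResult(None, "max_steps", max_steps, messages)   # stop condition 2: budget


def demo() -> AgentResult:
    """A scripted three-turn recon run against the constructed inventory."""
    model = ScriptedModel([
        json.dumps({"thought": "scan first", "action": {"tool": "port_scan", "args": {"host": "10.0.0.5"}}}),
        json.dumps({"thought": "identify web server",
                    "action": {"tool": "banner_grab", "args": {"host": "10.0.0.5", "port": 80}}}),
        json.dumps({"thought": "enough", "final": "10.0.0.5 exposes nginx/1.18.0 on port 80"}),
    ])
    return run_agent(model, "Enumerate 10.0.0.5", max_steps=5)


if __name__ == "__main__":
    r = demo()
    print(r.stop_reason, r.steps, r.answer)
```

Because the stand-in model is scripted, the same harness doubles as a deterministic functional test of the workflow: swap in a real model only once the loop's stop conditions and tool error handling behave as expected with fixed turns.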

Day 3

Model Context Protocol (MCP): Introduction to MCP. Components: hosts, clients, and servers. The protocol (JSON-RPC 2.0 messages), its transport layers (stdio, HTTP), its functionalities (tools, resources, prompts), network messages, and security (authentication, isolation). Presentation of python-mcp and fastMCP. Programmatically listing the tools, resources, and prompts exposed by an MCP server. Creating an MCP server exposing a network scanning tool. Creating an MCP server exposing dynamic resources (logs). Integrating an MCP client and using MCP with the agent.
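The client/server exchange this day covers, as an added example that is not course code and does not use the mcp SDK (python-mcp/fastMCP): the dispatch is hand-rolled in plain Python so both sides of the exchange can be read end to end. The method names (initialize, tools/list, tools/call), the tools/list and tools/call payload shapes, and the error convention (unknown tool is a JSON-RPC error, a failing tool is a result with isError set) follow the MCP specification; the transport is a direct function call rather than stdio or HTTP, and the scanning tool, its authorised scope and its results are constructed.

```python
"""Listing and calling MCP tools over JSON-RPC with an in-process transport.

Added illustration; not course code and not the mcp SDK. Method names and the
tools/list / tools/call payload shapes follow the MCP specification; the scan
tool, its scope and its results are constructed for the example.
"""
import ipaddress
import json
from typing import Callable, Dict, List, Optional, Tuple

SCOPE = ipaddress.ip_network("10.0.0.0/24")          # assumed engagement scope
FAKE_OPEN_PORTS = {"10.0.0.5": [22, 80]}             # constructed results, no real scan


def scan_host(host: str) -> str:
    """Tool body: only in-scope addresses are ever 'scanned'."""
    ip = ipaddress.ip_address(host)                    # ValueError on non-addresses
    if ip not in SCOPE:
        raise PermissionError(f"{host} is outside the authorised scope")
    return json.dumps({"host": host, "open_ports": FAKE_OPEN_PORTS.get(host, [])})


TOOLS: Dict[str, dict] = {
    "scan_host": {
        "description": "TCP port scan of one in-scope host",
        "inputSchema": {"type": "object",
                        "properties": {"host": {"type": "string"}},
                        "required": ["host"]},
        "fn": scan_host,
    },
}


def _ok(rid, result):
    return {"jsonrpc": "2.0", "id": rid, "result": result}


def _err(rid, code, msg):
    return {"jsonrpc": "2.0", "id": rid, "error": {"code": code, "message": msg}}


def server_handle(request: dict) -> dict:
    """Server side: dispatch one JSON-RPC 2.0 request and build the response."""
    rid, method, params = request.get("id"), request.get("method"), request.get("params", {})
    if method == "initialize":
        return _ok(rid, {"protocolVersion": params.get("protocolVersion"),
                         "capabilities": {"tools": {}},
                         "serverInfo": {"name": "scan-server", "version": "0.1"}})
    if method == "tools/list":
        return _ok(rid, {"tools": [{"name": n, "description": t["description"],
                                    "inputSchema": t["inputSchema"]} for n, t in TOOLS.items()]})
    if method == "tools/call":
        tool = TOOLS.get(params.get("name"))
        if tool is None:                               # unknown tool: protocol-level error
            return _err(rid, -32602, f"unknown tool {params.get('name')!r}")
        try:
            text = tool["fn"](**params.get("arguments", {}))
            return _ok(rid, {"content": [{"type": "text", "text": text}], "isError": False})
        except (ValueError, PermissionError, TypeError) as exc:
            # Tool failures are results the model can read, not protocol errors.
            return _ok(rid, {"content": [{"type": "text", "text": str(exc)}], "isError": True})
    return _err(rid, -32601, f"method not found: {method}")


class Client:
    """Client side: numbers requests, serialises them, unwraps results."""

    def __init__(self, transport: Callable[[dict], dict]):
        self._transport, self._next_id = transport, 0

    def request(self, method: str, params: Optional[dict] = None) -> dict:
        self._next_id += 1
        msg = {"jsonrpc": "2.0", "id": self._next_id, "method": method, "params": params or {}}
        wire = json.dumps(msg)                         # what would cross stdio or HTTP
        resp = self._transport(json.loads(wire))
        if "error" in resp:
            raise RuntimeError(f"{resp['error']['code']}: {resp['error']['message']}")
        return resp["result"]


def connect() -> Client:
    """Run the initialize handshake; afterwards the client may issue tools/* calls."""
    client = Client(server_handle)
    client.request("initialize", {"protocolVersion": "2025-03-26", "capabilities": {},
                                  "clientInfo": {"name": "agent", "version": "0.1"}})
    return client


def list_tool_names(client: Client) -> List[str]:
    return [t["name"] for t in client.request("tools/list")["tools"]]


def call_scan(client: Client, host: str) -> Tuple[bool, str]:
    """Return (is_error, text) from one tools/call round trip."""
    result = client.request("tools/call", {"name": "scan_host", "arguments": {"host": host}})
    return result["isError"], result["content"][0]["text"]


if __name__ == "__main__":
    c = connect()
    print(list_tool_names(c))
    print(call_scan(c, "10.0.0.5"))
    print(call_scan(c, "192.0.2.1"))
```

The scope check lives inside the tool, not in the agent prompt: whatever the model asks for, the server refuses out-of-scope targets and reports the refusal as an isError result the model can reason about, which is the isolation point the day's security section is about.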

Day 4

Memory, RAG, and Context Injection: The context window, its limitations and optimizations (short-term memory). RAG (Retrieval-Augmented Generation): theory and libraries. Persistent memory via classic data structures. Building a CVE knowledge base in a vector database. Adding a "Summarizer" agent to keep the context window small. Implementing a "remember" tool with persistent storage.

Day 5

Qualification, observability, production deployment, and security: Focus on the security risks of deploying agents and the corresponding best practices (sandboxing, proxying, caching, hardening). Presentation of monitoring and introspection tools. Presentation of testing strategies to validate workflows despite the inherent non-determinism of LLMs. Implementation of functional test scenarios and performance evaluation. Tool isolation and hardening. Agent finalization.

All the details regarding how the training is conducted are described on this page.