top of page
BruCON-2022-102 (1).png

Building, Securing and Hacking Intelligent Agentic Systems

3-day in-person course

This is an in-depth, hands-on course designed for developers, DevOps engineers, and security professionals who want to master the core principles behind intelligent agents and multi-agent (autonomous) systems, but we won’t shy away from the required, sometimes theoretical concepts, to grasp the technology but also the security dynamics in play. This course goes far beyond basic prompt engineering and does explore the low-level mechanics of LLM integration, agent chaining, and the architecture behind autonomous AI systems and security implications.


You'll start by interacting with LLMs using direct API calls, gradually progressing to SDKs, low-code interfaces, and full-fledged agent frameworks. We emphasize and focus on agentic design patterns, RAG and tool use, planning and decision-making, to build agents that can reason, coordinate, and act in complex environments. Our labs will notably focus on agent use in applications security, automation and DevOps operations but are applicable in any context.


Although OpenAI is used throughout the course for its accessibility and broad compatibility to explain and practice the concepts, we also cover emerging frameworks such as Google’s ADK (Agent Developer Kit), A2A (Agent-to-Agent protocols), MCP (Model Context Protocol) and other open-source projects promoting interoperability across different models and providers. Notably MCP is a game-changing concept requiring detailed attention to avoid security pitfalls in favor of simplicity.


Course Overview


This course is continuously updated to reflect the rapid evolution of agentic AI, ensuring learners stay at the forefront of real-world, production-ready implementations.

While this is not a die-hard hacking course, it is designed to spark the mindset of a true hacker, someone who breaks things to understand them and questions defaults and thinks out-of-the-box. This course will equip you to better understand how agentic systems work under the hood, justify and apply secure design patterns, and confidently engage with the next wave of AI-driven automation and lay a solid foundation for building your own agents (for fun and profit). This is your launchpad into the world of agentic AI with a hacking twist.


Your trainer is not a developer, only a passionate agentic and cloud-native security engineer sharing his experience on how he explored this exiting world.


Agenda


Day 1

  • Getting familiar with the concepts

  • Chat completions API

  • Assistants API and Responses API basics

  • Introduction to tool usage

  • An introduction to Model Evaluation

  • Embedding

  • RAG (Retrieval Augmented Generation)


By the end of this day, you should be equipped to build simple but powerful agents that can solve real-world problems. An exciting lab will help you understand Linux system calls, and program execution flows in a way you never imagined.


Day 2

  • Tool deep dive (the scary part)

  • Model Context Protocol (MCP)  

  • Agentic Frameworks

  • Agent Orchestration frameworks

  • Guardrails


By the end of day 2, you should be able to build agents that interact with the `real-world` using data sources and tooling. The vast amount of tooling available will inspire every true hacker to start building agents and lay the foundation to integrate almost anything.


Day 3

  • Agents in an enterprise setting

  • Tracing and observability

  • RAG pitfalls

  • AI red teaming


During this last day, we’ll explore how agents are used in the enterprise and point out the consequences of ignoring basic security hygiene.


Lab Overview

Each lab is structured to gradually build your understanding and capabilities, from basic API calls to full agent orchestration and security integration. No coding skills are required, and all code is provided. Spoiler alert, we’ll use AI for coding.


  • OpenAI - Chat completions basics and embedding

  • OpenAI - Responses API basics

  • MITMproxy interception

  • Model evaluation

  • RAG

  • Tool basics

  • Multi-agent orchestration

  • MCP

  • Agentic Fun

  • Enterprise graded Agents

  • Security

  • AI Red Teaming

Target Audience

 

Anyone who wants to learn more about the security of (agentic) AI, offensive and defensive.

Training level


All skill level

Pre-requisites


  • Notebook with access to internet and SSH.

  • Visual Studio Code

  • OpenAI API key preferred (<20$)

  • Coding skills? There is an AI agent for this

  • Willingness to explore new concepts.



Trainer Bio


Philippe Bogaerts has over 9 years of hands-on experience in containerization and Kubernetes, and more than 20 years in security and application delivery, He built a solid foundation in designing secure, scalable, and future-ready architectures for cloud-native applications. Today, his focus is on cloud-native security and AI security, areas he is deeply passionate about and actively investing in through continuous learning and hands-on development.


He thrives in environments that challenge him to evolve, experiment with new technologies, and push the boundaries of what’s possible. As a technology advocate and leader, he enjoys guiding teams, growing businesses, and bridging the gap between deep technical topics and business outcomes He believes that a strong mix of practical experience, curiosity, and a commitment to learning is essential for tackling the challenges of today and tomorrow.

 

https://www.linkedin.com/in/philippebogaerts/

bottom of page