Tentative AI AppSec Robots: Building Real-World Agents for Application Security
Security teams are drowning in repetitive tasks while attackers move faster than ever. This course takes a fresh approach: instead of learning to attack or defend AI systems, participants will build AI agents that supercharge their existing security workflows.Participants will also get hands-on with OpenAI and Claude agent SDKs to create practical tools that cover an entire “Security Lifecycle”—agents that generate threat models from documents or code,, automate SAST and DAST scans, audit Kubernetes clusters, and assess cloud infrastructure security. We’ll tackle the real challenges: keeping agents updated with current threat intelligence through RAG and search grounding, connecting them to security tools via Model Context Protocol (MCP), and giving them memory so they learn from each assessment.Each module includes working labs with extended access where participants build agents that adapt, reason, and scale their team’s impact.
Training Outline
-
Title
AI AppSec Robots: Building Real-World Agents for Application Security
-
Trainer
Abhay Bhargav(AppSecEngineer)
Haricharana S(we45) -
Language
English
-
Date
2026-11-14 9:00 - 18:30
2026-11-15 9:00 - 18:30 -
Venue
Bellesalle Shinjuku Grand Conference Center (5F)
-
Capacity
42(*Minimum students count is 10)
-
Remarks
Include 2day Conference ticket(November 17th to 18th, 2026) for training attendees
Training Application
Training Detail
- Practitioners working in DevSecOps, cloud security, and security automation
- Knowledge of security exercises such as threat modeling and a basic understanding of penetration testing concepts, along with a good grasp of Python. Familiarity with LLMs and agentic systems is considered a plus, as well as a foundational understanding of DevSecOps practices.
What skills will participants learn at your training?
- Participants will learn cutting-edge skills at the perfect intersection of Security + AI—not just how to use agents but how to build powerful, real-world security agents that automate threat modeling, SAST, DAST, Kubernetes audits, and cloud security assessments across the entire security lifecycle.
- They will develop strong intuition for concepts that usually feel like “AI black boxes.” Through hands-on work with agent reasoning, memory systems, MCP integrations, and RAG-based grounding, students will understand how agents think, plan, and interact with security tools in realistic scenarios.
- Students will gain practical, lab-driven experience building complete AI-driven security workflows. Using cloud sandboxes and the OpenAI and Claude Agent SDKs, they will create agents that autonomously analyze code, explore applications, audit infrastructure, and dramatically boost security team efficiency.
What students should bring
- A laptop with no firewall restrictions
What students will be provided with
- Participants will receive instructions for the labs, the complete slide deck for the session along with speaker notes, and access to we45 labs. They will also be provided with the code snippets used during the training and setup files required to configure the lab environment post-training. Additionally, participants will receive access to LLM sandboxes for AI-driven hands-on labs, along with two months of access to our online learning platform.
Abhay Bhargav
アブハイ・バルガフ
Abhay Bhargav is the Founder and Chief Research Officer at AppSecEngineer, an elite, hands-on online training platform and we45 a specialized AppSec Company. Abhay started his career as a breaker of apps, in pentesting and red-teaming, but today is more involved in scaling AppSec with Cloud-Native Security and DevSecOps He has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world's first hands-on training program on DevSecOps, focused on Application Security Automation. In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, specifically Cloud-Native Security. In addition, Abhay has contributed to pioneering work in the Vulnerability Management space, being the architect of a leading Vulnerability Management and Correlation Product, Orchestron. Abhay is also committed to Open-Source and has developed the first-ever Threat Modeling solution at the crossroads of Agile and DevSecOps, called ThreatPlaybook. Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His training programs have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA, SHACK and so on. He's authored two international publications on Java Security and PCI Compliance as well.
Haricharana S
ハリチャラナ・エス
Haricharana S is a Solutions Engineer at we45, specializing in both traditional AI research and AI security. He has co-authored multiple AI research papers in collaboration with leading institutions such as Georgia Tech and IIT Kharagpur. With deep expertise in AI security, he has led intensive bootcamps and training programs focused on cutting-edge AI innovations, along with the risks, threats, and defensive strategies associated with them. Beyond research and training, Haricharana is also an accomplished product developer, having built real-world solutions that automate threat modeling and penetration testing for modern security teams.