(C12) (INCYBER) Purple Team: AI revolutionises attack, agent orchestration industrialises defence
Wednesday, April 1, 2026 3:00 PM to 3:45 PM · 45 min. (Europe/Paris)
Information
Offensive industrialisation through AI has compressed the TTP creation cycle: payloads, persistence and evasion follow one another at a pace that manual detection processes can no longer absorb. The gap between offensive capability and defensive coverage widens with each iteration.
This session presents an agentic orchestration approach applied to the purple team cycle. The MCP protocol coordinates the entire loop: execution of offensive scenarios, log collection, generation of detection rules, iterative validation and correlation. Each manual step is integrated into an autonomous and reproducible cycle.
Found out a concrete experience on the implementation of this approach and the measured gains in detection.
This session presents an agentic orchestration approach applied to the purple team cycle. The MCP protocol coordinates the entire loop: execution of offensive scenarios, log collection, generation of detection rules, iterative validation and correlation. Each manual step is integrated into an autonomous and reproducible cycle.
Found out a concrete experience on the implementation of this approach and the measured gains in detection.
Room
Room 3.7
Event
INCYBER
Type of session
Conference
