Cybersecurity AI Agent - Red and Blue Team
The future of cybersecurity is agentic for both offensive and defensive processes.
The emergence of agentic artificial intelligence in cybersecurity has been a game changer, especially with the use of large language models. These new abilities can perform both offensive and defensive actions, allowing for improved automation of both red team and blue team work. With help from Claude, I have created and successfully tested two AI cybersecurity agents, one acting as the attacker and the other acting as the defender.
The Purpose
Thanks to the abilities provided by LLMs like Claude, attacks can be orchestrated autonomously by agents, making it easier for attackers to target vulnerable systems. While these developments invite the risk of bad actors who intend to hack for malicious purposes, they also give security researchers an easier way to find vulnerabilities in a system. Anthropic’s Mythos is an example of an LLM applied to finding weaknesses within a system. While the automated nature of these tools can make cybersecurity processes quicker, easier, and cheaper in many ways, it is important to recognize that human involvement in this process remains highly important. When conducting vulnerability assessments, there need to be real people making judgment calls about how the agents go about their investigations. When creating the agents, I made sure to include a prompt that both informs the user of what the agent is planning to do and requires direct permission from the user before moving forward with its plans. With this safeguard, we ensure that the agent is not making serious decisions on its own without the explicit consent of a human being.
Architecture
Using a Kali Linux virtual machine as the offensive station and a Windows 10 virtual machine as the defensive station, I was ready to test both the red team agent and the blue team agent. I installed Damn Vulnerable Web Application (DVWA) on the defensive station to serve as the vulnerable guinea pig. With help from Claude, the red team agent performs reconnaissance, planning, and vulnerability tests. Using recon tools such as nmap and gobuster, the agent gathers information on the potential weaknesses of the defensive station. Once the agent has collected this, it makes a plan for how it wants to test the vulnerabilities of the DVWA. When the plan is ready, the agent displays what it wants to do to the user and prompts them for permission to move forward. If the user responds with a “yes”, the agent begins a series of penetration tests, such as SQL injection, brute force attacks, and command injection. After this is performed, the red team agent concludes by providing the user with a report detailing which methods were successful in its vulnerability testing and a summary of how vulnerable the target system is. Moving over to the defensive station, the blue team agent searches for the offensive actions committed by the red team agent. Using the web server’s access log, this agent analyzes the interactions made with the website and determines whether any attacks were performed and what address those attacks came from. The agent then concludes by providing the user with a report detailing what kinds of attacks were performed and what defensive actions can be taken. Like the red team agent, the blue team agent utilizes Claude in its analysis.
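The blue team agent’s first job, before Claude ever sees anything, is to pull attack traffic out of the access log. The following is an added example (not the agents’ own code from the repository) of that detection pass written as plain signature and threshold logic over Apache combined-format log lines. The log lines are constructed for this example, and the addresses (10.0.2.15 as the Kali VM, 10.0.2.4 as a benign client), the thresholds, and the DVWA paths are assumptions; the DVWA brute-force form does submit its username and password in a GET query string, which is why that test is visible in the access log at all.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote_plus

# Apache "combined" log format, as written by an XAMPP/Apache DVWA host.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Payload signatures, checked against the URL-decoded path and query string.
SQLI_RE = re.compile(
    r"""['"]\s*(?:or|and)\s+\S+\s*=\s*\S+|union\s+select|;\s*drop\s|sleep\(\d+\)|--\s*$""", re.I)
CMDI_RE = re.compile(
    r"(?:;|\|\||\||&&|`|\$\()\s*(?:cat|ls|id|whoami|dir|type|net\s+user|ipconfig|ping)\b", re.I)
SCANNER_UA_RE = re.compile(r"gobuster|dirb|nikto|sqlmap|nmap", re.I)

BRUTE_PATH = "/vulnerabilities/brute/"   # DVWA's login form takes GET ?username=&password=
BRUTE_THRESHOLD = 5                      # login attempts from one IP (assumed threshold)
SCAN_THRESHOLD = 8                       # 404s from one IP, typical of wordlist enumeration


def parse(line):
    """Return the fields of one access-log line, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def analyze(lines):
    """Return {source_ip: {attack_type: count}} for every IP with at least one finding."""
    findings = defaultdict(Counter)
    logins, not_found = Counter(), Counter()
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ip, decoded = rec["ip"], unquote_plus(rec["path"])
        if SQLI_RE.search(decoded):
            findings[ip]["sql_injection"] += 1
        if CMDI_RE.search(decoded):
            findings[ip]["command_injection"] += 1
        if SCANNER_UA_RE.search(rec["ua"]):
            findings[ip]["scanner_user_agent"] += 1
        if BRUTE_PATH in decoded and "password=" in decoded:
            logins[ip] += 1
        if rec["status"] == "404":
            not_found[ip] += 1
    # Volume-based findings are only reported once a threshold is crossed.
    for ip, n in logins.items():
        if n >= BRUTE_THRESHOLD:
            findings[ip]["brute_force"] = n
    for ip, n in not_found.items():
        if n >= SCAN_THRESHOLD:
            findings[ip]["directory_enumeration"] = n
    return {ip: dict(c) for ip, c in findings.items()}


def report(findings):
    """Plain-text summary in the shape the blue team agent hands to the user."""
    if not findings:
        return "No attack traffic found."
    out = []
    for ip, kinds in findings.items():
        out.append(f"Attack traffic from {ip}:")
        out.extend(f"  - {kind}: {n} request(s)" for kind, n in sorted(kinds.items()))
    return "\n".join(out)


# Constructed sample log: 10.0.2.4 is an assumed benign client, 10.0.2.15 the assumed Kali VM.
ATTACKER, CLIENT = "10.0.2.15", "10.0.2.4"


def _line(ip, path, status, ua="Mozilla/5.0"):
    return f'{ip} - - [10/May/2025:14:02:10 -0500] "GET {path} HTTP/1.1" {status} 512 "-" "{ua}"'


SAMPLE_LOG = (
    [_line(CLIENT, "/dvwa/index.php", 200),
     _line(CLIENT, "/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit", 200)]
    + [_line(ATTACKER, f"/dvwa/{w}/", 404, ua="gobuster/3.6")
       for w in ("admin", "backup", "cgi-bin", "db", "old", "private", "secret", "test", "tmp")]
    + [_line(ATTACKER, f"/dvwa/vulnerabilities/brute/?username=admin&password={p}&Login=Login", 200,
             ua="python-requests/2.31")
       for p in ("123456", "admin", "letmein", "qwerty", "password")]
    + [_line(ATTACKER, "/dvwa/vulnerabilities/sqli/?id=1%27+OR+%271%27%3D%271&Submit=Submit", 200,
             ua="python-requests/2.31"),
       _line(ATTACKER, "/dvwa/vulnerabilities/exec/?ip=127.0.0.1%3B+cat+/etc/passwd&Submit=Submit", 200,
             ua="python-requests/2.31")]
)

if __name__ == "__main__":
    print(report(analyze(SAMPLE_LOG)))
```

Two caveats a practitioner should keep in mind with this kind of detection. The access log records only the request line, so a payload sent in a POST body (the way DVWA’s command-execution page is normally submitted) never appears in it; the example only sees payloads that are URL-encoded into the query string. And the fixed signatures above are exactly the kind of thing an LLM pass can improve on, which is why the agent hands the raw findings to Claude afterwards rather than stopping here.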
Human Approval
An important element that I included in the red team agent is that human insight is required before the vulnerability testing can take place. With Claude being used to analyze the situation and decide how to perform vulnerability testing, the agent has the ability to be fully autonomous. Allowing an agent with offensive cybersecurity abilities to run without human supervision invites serious risk. Even though this agent is designed to be used by ethical hackers who are supposed to test for vulnerabilities, there could be serious consequences if the agent decides to perform an action that was not considered by its human designers. This is why it is crucial for a person both to review the plan that the agent developed with help from Claude and to give approval before the plan is enacted. A potentially disastrous cybersecurity incident can be prevented with a simple “no” response to the agent’s prompt.
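The gate described above is worth more than a single yes/no prompt: the approval should be bound to the exact plan that was shown, so that a plan rewritten after the “yes” (by the model, or by anything that can influence its context) needs fresh approval, and targets outside the agreed lab range should be rejected before the user is even asked. The following is an added example of such a gate, not the agent’s own code from the repository. The plan structure, the lab network 10.0.2.0/24, the host 10.0.2.7, and the tool names (sqlmap, hydra, curl) are assumptions for illustration.

```python
import hashlib
import ipaddress
import json

# Assumed lab network; anything outside it is rejected before the user is even asked.
LAB_SCOPE = [ipaddress.ip_network("10.0.2.0/24")]

# Constructed plan in the shape the agent might produce (tool names are assumed).
PLAN = {
    "steps": [
        {"test": "SQL injection", "tool": "sqlmap", "risk": "medium",
         "host": "10.0.2.7", "path": "/dvwa/vulnerabilities/sqli/"},
        {"test": "Brute force login", "tool": "hydra", "risk": "low",
         "host": "10.0.2.7", "path": "/dvwa/vulnerabilities/brute/"},
        {"test": "Command injection", "tool": "curl", "risk": "high",
         "host": "10.0.2.7", "path": "/dvwa/vulnerabilities/exec/"},
    ]
}


def plan_digest(plan):
    """Stable hash of the plan; canonical JSON so key order cannot change the digest."""
    return hashlib.sha256(json.dumps(plan, sort_keys=True).encode()).hexdigest()


def scope_violations(plan):
    """Hosts in the plan that are not inside LAB_SCOPE (or are not valid addresses at all)."""
    bad = []
    for step in plan["steps"]:
        try:
            addr = ipaddress.ip_address(step["host"])
        except ValueError:
            bad.append(step["host"])
            continue
        if not any(addr in net for net in LAB_SCOPE):
            bad.append(step["host"])
    return bad


def render(plan):
    """What the user sees before being asked to approve."""
    lines = ["Proposed tests:"]
    for i, s in enumerate(plan["steps"], 1):
        lines.append(f"  {i}. [{s['risk']}] {s['test']} with {s['tool']} -> {s['host']}{s['path']}")
    lines.append("Type 'yes' to approve exactly these steps; anything else aborts.")
    return "\n".join(lines)


def request_approval(plan, ask):
    """Show the plan and return an approval token bound to it, or None if refused or out of scope.

    `ask` is the prompting function (input() in a real agent; injected here so it can be tested).
    Only a literal 'yes' counts: an empty reply, 'y' or 'ok' all abort.
    """
    if scope_violations(plan):
        return None
    if ask(render(plan)).strip().lower() != "yes":
        return None
    return {"digest": plan_digest(plan), "steps": len(plan["steps"])}


def is_approved(plan, token):
    """True only if the plan is byte-for-byte the one the user approved."""
    return token is not None and token["digest"] == plan_digest(plan)


def execute(plan, token, run_step):
    """Run the steps only under a token for this exact plan; an edited plan needs fresh approval."""
    if not is_approved(plan, token):
        raise PermissionError("plan not approved in this form")
    return [run_step(step) for step in plan["steps"]]


# A plan edited after approval (an extra step against an out-of-scope host), built by copying PLAN.
TAMPERED_PLAN = json.loads(json.dumps(PLAN))
TAMPERED_PLAN["steps"].append({"test": "Brute force login", "tool": "hydra", "risk": "low",
                               "host": "203.0.113.9", "path": "/login"})

if __name__ == "__main__":
    token = request_approval(PLAN, input)
    if token:
        print(execute(PLAN, token, lambda s: f"ran {s['test']}"))
    else:
        print("Aborted: plan not approved.")
```

The digest is what turns “the user said yes” into “the user said yes to this”: if the model re-plans between approval and execution, the digest no longer matches and the run is refused rather than silently doing something else.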
Red and Blue Tag Team
I chose to create both the red team agent on the offensive station and the blue team agent on the defensive station because I recognize the importance of understanding both how a system can be compromised and how these threats can be detected and prevented. The two agents act with significant independence from each other, with only the log file acting as shared state. In a real-world scenario, the blue team agent would need to detect threats coming from sources it has had no previous involvement with, so it is crucial that its detection abilities can be exercised separately from the red team agent.
Results
Running the agents on the virtual machines achieved interesting results. I intentionally set the security level of the DVWA to low. When performing recon, the red team agent identified several possible vulnerabilities and assigned priority levels for which vulnerabilities could best be exploited. A plan was put together for how it was going to test its offensive maneuvers on the DVWA. I gave my approval, and the agent took its time launching its vulnerability testing. Once this was completed, the agent provided a detailed report on the success of its specific tests, explaining what was vulnerable and what was not. The red team agent had concluded its work, so I moved to the defensive VM, where I ran the blue team agent. Using the access log, the agent provided a report stating that an attack took place, what was involved in the attack, where the attack came from, the most critical concerns to be considered, and what security measures should be taken. The blue team agent detected all five methods of attack used by the red team agent, demonstrating its ability to recognize specific vulnerability breaches.
Limitations
While I had success on the tests that I ran, there are nonetheless limitations to the agents. I was testing on Damn Vulnerable Web Application, specifically on the lowest security setting, so the bar is already set pretty low for the red team agent to perform its recon and vulnerability testing. I am interested to see whether I am able to successfully pentest the app when the security setting is higher, as well as in different testing environments that are harder to crack than DVWA. Another element of the agents that I would change is increasing data minimization. The agents pass tool outputs to Claude mostly unredacted so that Claude can directly analyze the raw findings to create reports and enhance detection in ways a fixed signature could miss. For the virtual machine lab setting that I have set up, this is not a problem. However, if I were to use these agents in a production setting, there would need to be much stricter limits on what could be sent to Claude: raw tool output can contain internal addresses and hostnames, session cookies, and any credentials the tests discover. This could be addressed by using a local LLM or by filtering what gets sent to Claude down to a redacted summary. When taking these options, there will need to be consideration of whether these changes reduce Claude’s effectiveness in making decisions for the agents. All of this can be researched in depth in the future as I continue to improve the abilities of the red and blue team agents.
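One way to do the filtering just described without reducing the tool output to a vague description is to pseudonymize identifiers consistently (so the model can still correlate “the host with mysql open” across lines) while dropping secrets outright, and to keep the placeholder-to-value map on the operator’s machine so the model’s answer can be re-identified locally. The following is an added example of that approach, not code from the agents’ repository. The nmap/gobuster-style output is constructed, and the lab host 10.0.2.7, the attacker address 10.0.2.15, the hostname suffixes treated as internal, and the placeholder scheme (IP_n, HOST_n, MAC_n) are all assumptions.

```python
import re

# Patterns for what should never leave the lab host in raw form.
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
MAC_RE = re.compile(r"\b(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}\b")
HOSTNAME_RE = re.compile(r"\b[a-z0-9-]+\.(?:lab|local|corp|internal)\b", re.I)  # assumed internal suffixes
SECRET_RE = re.compile(
    r"\b(password|passwd|pwd|token|api[_-]?key|phpsessid|authorization)\s*[=:]\s*\S+", re.I)
OPEN_PORT_RE = re.compile(r"^(\d+/(?:tcp|udp))\s+open\s+(\S+)", re.M)


class Minimizer:
    """Pseudonymise identifiers consistently and drop secrets outright.

    The placeholder-to-value map stays on the operator's machine, so the model
    sees IP_1/HOST_1 (and can still correlate them across lines) while the human
    report can be restored to real values locally.
    """

    def __init__(self):
        self.map = {}      # placeholder -> real value (never sent to the model)
        self._seen = {}    # real value -> placeholder
        self._count = {}   # kind -> next index

    def _placeholder(self, kind, value):
        if value not in self._seen:
            self._count[kind] = self._count.get(kind, 0) + 1
            ph = f"{kind}_{self._count[kind]}"
            self._seen[value] = ph
            self.map[ph] = value
        return self._seen[value]

    def redact(self, text):
        # Secrets are dropped, not pseudonymised: the model never needs them back.
        text = SECRET_RE.sub(lambda m: f"{m.group(1)}=[REDACTED]", text)
        text = HOSTNAME_RE.sub(lambda m: self._placeholder("HOST", m.group(0)), text)
        text = IP_RE.sub(lambda m: self._placeholder("IP", m.group(0)), text)
        text = MAC_RE.sub(lambda m: self._placeholder("MAC", m.group(0)), text)
        return text

    def restore(self, text):
        """Re-identify a model response before it is shown to the operator."""
        for ph in sorted(self.map, key=len, reverse=True):   # replace IP_10 before IP_1
            text = text.replace(ph, self.map[ph])
        return text


def summarize_nmap(text):
    """Even smaller payload for the planner: just the open ports and service names."""
    return OPEN_PORT_RE.findall(text)


# Constructed tool output (nmap/gobuster style) for an assumed lab host 10.0.2.7.
RAW_OUTPUT = """\
Starting Nmap 7.94 ( https://nmap.org ) at 2025-05-10 14:00 CDT
Nmap scan report for dvwa-win10.lab (10.0.2.7)
Host is up (0.00042s latency).
PORT     STATE SERVICE VERSION
80/tcp   open  http    Apache httpd 2.4.58 ((Win64) OpenSSL/3.1.3 PHP/8.2.12)
3306/tcp open  mysql   MariaDB 10.4.32
MAC Address: 08:00:27:3C:9A:1F (Oracle VirtualBox virtual NIC)
[gobuster] using cookie PHPSESSID=3f9a1c7e0b2d4e5f6a7b8c9d0e1f2a3b; security=low
[agent] brute force succeeded: admin password=password from 10.0.2.15
"""

if __name__ == "__main__":
    m = Minimizer()
    safe = m.redact(RAW_OUTPUT)
    print(safe)                       # what would be sent to the hosted model
    print(summarize_nmap(RAW_OUTPUT))
    print(m.restore("Prioritise IP_1: mysql on 3306 is exposed"))
```

Whether the redacted text is still good enough for Claude to plan and report from is exactly the trade-off mentioned above, and it is easy to measure: run the same lab sessions with raw and with redacted input and compare the reports.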
What this demonstrates
The use of large language models in autonomous AI cybersecurity agents opens the door to improvement in both identifying vulnerabilities and detecting potential threats. With the power that this ability brings, it is crucial that there is still human involvement to ensure that the choices the agents make are reviewed and approved, so that serious damage can be prevented. With this cautionary measure included, the agents are able to work together to improve cybersecurity measures from both a red team and a blue team perspective.
Code for both agents is available here: https://github.com/jackthetechguy10137-source/cyber-ai-agent/tree/red-and-blue-team
Academic Work - Reinforcement Learning
School assignments demonstrating work with reinforcement learning.
-
The document demonstrates reinforcement learning through the use of deep Q-network (DQN) agents by showing how the agent can be used for both the Mountain Car and Lunar Lander environments. The agent receives rewards and penalties for its actions as a way of teaching it to make the most desirable decisions.
-
This document demonstrates establishing a Breakout environment and training a proximal policy optimization (PPO) agent to behave within the environment.
Academic Work - Computer Vision
School assignments demonstrating work with computer vision.
-
The two documents below demonstrate how an image can be processed and preprocessed using image-modifying techniques and the OpenCV image processing library. The first document alters the Lena image, performing actions such as resizing, cropping, color manipulation, and binarization. The second document focuses on an image of a human blood vessel and makes it clearer through image augmentations, histogram stretching, CLAHE, RGB normalization, and brightness and contrast enhancement.
-
This document demonstrates image processing that uses the geometry within the images. Through boundary extraction, closing, region filling, and connected components, morphological processing can help create an image that is easier to interpret.
-
This document demonstrates Haar cascade classification in the context of blood vessel analysis and license plate reading. The blood vessels are dilated and closed, and their connected components are identified. The license plate reading process uses erosion, edge detection, contour detection, and masking to determine the license plate number.
-
This document demonstrates the use of YOLO (You Only Look Once), in which predicted bounding boxes are filtered to identify specific objects in an image and a video.
Academic Work - Ethics Papers
School assignments demonstrating analysis of the ethical principles of AI.
The following annotated bibliographies demonstrate the significance of ethics in artificial intelligence through research into journals and articles. These papers cover artificial intelligence’s societal impact, current legal and ethical conversations, and implementation across several industries.