AgentCyTE: Leveraging Agentic AI to Generate Cybersecurity Training & Experimentation Scenarios

TL;DR

AgentCyTE combines large language models with schema constraints and feedback loops to automatically generate realistic, valid cybersecurity threat scenarios for training and research, reducing manual effort.

Contribution

It introduces a hybrid framework that integrates LLM reasoning with deterministic validation to produce scalable, executable cybersecurity scenarios with improved realism and correctness.

Findings

Enables automated generation of valid threat scenarios

Improves realism and structural correctness of generated environments

Facilitates scalable cybersecurity training and experimentation

Abstract

Designing realistic and adaptive networked threat scenarios remains a core challenge in cybersecurity research and training, still requiring substantial manual effort. While large language models (LLMs) show promise for automated synthesis, unconstrained generation often yields configurations that fail validation or execution. We present AgentCyTE, a framework integrating LLM-based reasoning with deterministic, schema-constrained network emulation to generate and refine executable threat environments. Through an agentic feedback loop, AgentCyTE observes scenario outcomes, validates correctness, and iteratively enhances realism and consistency. This hybrid approach preserves LLM flexibility while enforcing structural validity, enabling scalable, data-driven experimentation and reliable scenario generation for threat modeling and adaptive cybersecurity training. Our framework can be accessed at: https://github.com/AnantaaKotal/AgentCyTE