A Survey of Agentic AI and Cybersecurity: Challenges, Opportunities and Use-case Prototypes
Sahaya Jestus Lazer, Kshitiz Aryal, Maanak Gupta, Elisa Bertino

TL;DR
This survey explores the dual-use nature of agentic AI in cybersecurity, highlighting its potential for autonomous defense and attack, and discusses emerging challenges, threat models, and practical use-case prototypes.
Contribution
It provides a comprehensive overview of agentic AI's implications for cybersecurity, including threat models, security frameworks, and real-world use-case prototypes.
Findings
Agentic AI enables autonomous cybersecurity workflows like monitoring and incident response.
It also accelerates adversarial attacks such as reconnaissance and social engineering.
Systemic risks include agent collusion and cascading failures.
Abstract
Agentic AI marks an important transition from single-step generative models to systems capable of reasoning, planning, acting, and adapting over long-lasting tasks. By integrating memory, tool use, and iterative decision cycles, these systems enable continuous, autonomous workflows in real-world environments. This survey examines the implications of agentic AI for cybersecurity. On the defensive side, agentic capabilities enable continuous monitoring, autonomous incident response, adaptive threat hunting, and fraud detection at scale. Conversely, the same properties amplify adversarial power by accelerating reconnaissance, exploitation, coordination, and social-engineering attacks. These dual-use dynamics expose fundamental gaps in existing governance, assurance, and accountability mechanisms, which were largely designed for non-autonomous and short-lived AI systems. To address these…
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Security and Verification in Computing · Network Security and Intrusion Detection
