Modern AppSec teams are starting to use agentic workflows to triage vulnerability reports and incident tickets that contain logs, stack traces, and chat transcripts often with PII, secrets, and sensitive internal context. Once these workflows add RAG and autonomous tool use (function calling), the attack surface expands: prompt injection can trigger unsafe actions, sensitive data can leak through memory/RAG/tool outputs, agents can be spoofed, and controls can be bypassed.

Enter : AI Agent Swarms in a Trustless Decentralized Ecosystem . You will understand the need of building , securing and deploying AI Agent Swarms in a decenetralized and trustless. .

In this hands-on 1-day training, you will build a Secure AppSec Triage & Remediation Swarm: a policy-governed, privacy-preserving multi-agent system powered by open-source foundation models in the 4B–20B range (Mistral/Qwen-class), with an explicit focus on EU policy-driven controls.
End to End Understanding - From prototype rapidly in Google Colab, then transition to a self-hosted Docker deployment hardened with container security best practices and protected at the edge using Cloudflare Zero Trust, WAF, and rate limiting.

You will implement:

1. Policy-as-code guardrails aligned to EU governance expectations (risk tiers, tool/model/RAG permissions, and human-oversight triggers).

2. PII detection and masking/pseudonymization using an anonymization framework across user input, inter-agent messages, and retrieval context.

3. Secured tool use via structured function calling, including a focused exploration of security specific LLM for security-oriented reasoning and structured outputs.

4. An eval + security test harness covering PII leakage, prompt-injection resilience, agent spoofing/tampering, and DoS/rate-limit checks.

5. An auditable deployment that produces a compliance-friendly evidence bundle (policies, logs, and test results).

After 8 hours, attendees leave with runnable take-home assets: Colab notebooks, a hardened Docker Compose stack, policy templates, and red-team scripts that can be directly adapted to real AppSec triage pipelines.