Security Agents

Alprina provides 20+ specialized AI-powered security agents that analyze different aspects of your systems. Each agent is trained and optimized for specific security domains, working together to provide comprehensive security coverage.

Agent Categories

Web3 & Blockchain Security

Web3 Auditor - Smart contract security, gas optimization, symbolic execution
DeFi Protocol Analysis - Flash loan detection, oracle manipulation, MEV analysis

API & Application Security

API Security Sentinel - REST/GraphQL testing, auth bypass detection
Code Security Agent - Source code vulnerability scanning
LLM Security Agent - AI/ML model security testing

DevOps & CI/CD Security

CI/CD Guardian - Pipeline security, poisoned pipeline execution detection
Network Analyzer Agent - Network security analysis
Guardrails Agent - Safety and compliance checking

Offensive Security

Red Team Agent - Offensive penetration testing
Replay Attack Agent - Protocol replay detection
WiFi Security Agent - Wireless penetration testing
Radio Security Agent - RF and Sub-GHz analysis

Defensive Security

Blue Team Agent - Defensive posture assessment
Container Security - Docker/Kubernetes vulnerability scanning

Mobile & IoT Security

Android SAST Agent - Android app security testing
IoT Device Scanner - Embedded device security assessment

Forensics & Incident Response

DFIR Agent - Digital forensics and incident response
Memory Analysis Agent - Memory forensics
Reverse Engineering Agent - Binary analysis

Specialized Agents

Retester Agent - Vulnerability remediation verification
Mail Agent - Email security analysis

How Agents Work

1. Agent Selection

When you run a scan, Alprina automatically selects the appropriate agent based on:

Scan type specified
Target characteristics
Security profile

Example:


# Automatically uses Code Security Agent
alprina scan ./src --profile code-audit
 
# Explicitly use Red Team Agent
alprina scan https://api.example.com --type red-team

2. Analysis Process

Each agent follows this workflow:


Input → Context Analysis → LLM Processing → Finding Generation → Output

Input: Receives target (code, URL, binary, etc.)
Context Analysis: Understands the environment and technology
LLM Processing: Uses Claude/GPT to analyze security
Finding Generation: Produces structured findings
Output: Returns results with recommendations

3. Agent Capabilities

All agents can:

✅ Detect security vulnerabilities
✅ Assess severity and impact
✅ Provide remediation guidance
✅ Reference industry standards (OWASP, CWE, CVE)
✅ Generate detailed reports

4. Customization

Configure agent behavior:


# Use specific LLM provider
alprina scan ./src --llm anthropic --model claude-3-5-sonnet
 
# Adjust scan depth
alprina scan ./src --profile quick      # Fast, basic checks
alprina scan ./src --profile standard    # Balanced
alprina scan ./src --profile comprehensive # Deep analysis

Agent Comparison

Agent	Target	Speed	Credit Cost	Best For
Code Security	Source code	Fast	1	SAST, code review
Red Team	Web/API	Medium	1	Pen testing
Blue Team	Infrastructure	Medium	1	Defense evaluation
Network Analyzer	Networks	Medium	1	Network security
Reverse Engineering	Binaries	Slow	2	Malware analysis
Android SAST	APK files	Medium	1	Mobile security
DFIR	Evidence	Slow	2	Incident response
Memory Analysis	Memory dumps	Slow	2	Forensics
WiFi Security	WiFi networks	Medium	1	WiFi testing
Replay Attack	Protocols	Fast	1	API security
Radio Security	RF signals	Medium	2	IoT security
Retester	Previous findings	Fast	0.5	Remediation check
Mail	Email files	Fast	1	Email security
Guardrails	Any	Fast	0	Safety check

Common Use Cases

Secure Code Review


# Scan codebase for vulnerabilities
alprina scan ./src --type code --language python
 
# Focus on specific issues
alprina scan ./src --check-secrets --check-injection

Penetration Testing


# Red team assessment
alprina scan https://api.example.com --type red-team
 
# Network penetration test
alprina scan 192.168.1.0/24 --type network-analysis

Incident Response


# Forensic analysis
alprina scan ./evidence --type forensics
 
# Memory analysis
alprina scan ./memory.dmp --type memory-analysis

Mobile Security


# Android app security test
alprina scan ./app.apk --type android

Remediation Verification


# Retest fixed vulnerabilities
alprina retest scan_abc123 --finding finding_001

Agent Updates

Agents are continuously improved with:

New vulnerability detection patterns
Updated security knowledge
Enhanced LLM models
Community feedback

Version history and changelogs are available on each agent’s page.

Next Steps

Explore individual agent documentation for detailed capabilities
Learn about CLI commands for running scans
See API documentation for programmatic access
Review best practices for effective scanning