Inspiration
Modern cloud-native applications, like the 11-microservice Online Boutique, have a massive and complex attack surface. For developers moving at high speed, manually securing every API and service is nearly impossible. We were inspired to build a tool that acts like an autonomous, AI-powered member of the development team—a security analyst that never sleeps.
What it does
Aegis Agent is an AI-powered security scanner that you can point at any live GKE application. It autonomously performs reconnaissance to map the application's architecture and then uses an intelligent, multi-step process to probe for common vulnerabilities and security misconfigurations.
Once the scan is complete, it presents the findings in a clean, professional dashboard. The standout feature is its ability to use Google's Gemini to translate complex technical vulnerabilities into a human-readable summary, explaining the potential business impact in plain English.
How we built it
We designed Aegis Agent using a modern, decoupled microservices architecture, deployed with a mix of GKE and Cloud Run for speed and scalability.
- The AI core is a Python service that uses LangGraph to create a stateful, agentic workflow for scanning.
- The frontend is a polished Next.js application.
- The services communicate asynchronously via Google Pub/Sub, and scan results are stored in Firestore.
- All AI-powered summaries are generated by Google Gemini through the Vertex AI API.
This entire process—from building containers to deployment—was automated with Docker and custom shell scripts.
Challenges we ran into
The biggest challenge was designing an agent that could intelligently probe for vulnerabilities without being just a "noisy" script. Using LangGraph to create a decision-making tree was key. It allowed us to move from a simple checklist-based scan to a workflow where the agent can decide what to test next based on its initial findings.
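The difference between a fixed checklist and a findings-driven workflow, shown as an added example that is not Aegis Agent's code and does not use LangGraph: a plain-Python router chooses follow-up checks from earlier results, over constructed recon data and under a step budget. The service names, record fields, check names and `budget` parameter are assumptions made for this sketch.

```python
from collections import deque

# Constructed recon results; names and fields are assumptions for this example.
RECON = {
    "svc-web":   {"proto": "http", "external": True,
                  "headers": {"content-type": "text/html"},
                  "cookies": [{"name": "sid", "secure": False, "httponly": True}]},
    "svc-cart":  {"proto": "grpc", "external": False, "tls": False},
    "svc-cache": {"proto": "tcp", "external": False, "auth": True},
}

def check_headers(svc):
    missing = [h for h in ("strict-transport-security", "content-security-policy")
               if h not in svc["headers"]]
    return [f"missing header: {h}" for h in missing]

def check_cookies(svc):
    return [f"cookie {c['name']} lacks Secure flag"
            for c in svc.get("cookies", []) if not c["secure"]]

def check_transport(svc):
    return [] if svc.get("tls") else ["plaintext service-to-service traffic"]

def check_auth(svc):
    return [] if svc.get("auth") else ["datastore accepts unauthenticated clients"]

CHECKS = {"headers": check_headers, "cookies": check_cookies,
          "transport": check_transport, "auth": check_auth}

def route(svc, last_check, results):
    """Pick follow-up checks from what the previous step found."""
    if last_check is None:  # entry point: choose by protocol seen in recon
        return {"http": ["headers"], "grpc": ["transport"], "tcp": ["auth"]}[svc["proto"]]
    if last_check == "headers" and any("strict-transport-security" in r for r in results):
        return ["cookies"]  # no HSTS, so cookie transport flags are worth checking
    return []  # nothing found that justifies more probing of this service

def scan(recon, budget=10):
    """Run routed checks until the queue is empty or the step budget is spent."""
    findings, trace = {}, []
    queue = deque((name, c) for name, svc in recon.items() for c in route(svc, None, []))
    while queue and budget > 0:
        name, check = queue.popleft()
        budget -= 1
        results = CHECKS[check](recon[name])
        trace.append((name, check))
        findings.setdefault(name, []).extend(results)
        queue.extend((name, c) for c in route(recon[name], check, results))
    return findings, trace
```

The returned `trace` records which checks actually ran, so a reviewer can see that the cookie check was scheduled only because the header check reported missing HSTS.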
Accomplishments that we're proud of
We're incredibly proud of building a full-stack, AI-powered application from scratch in such a short time. The fact that our agent can successfully map out the entire Online Boutique architecture and provide actionable security insights is a huge accomplishment.
What we learned
We learned that the future of application security is autonomous. AI agents won't just replace manual tasks; they'll enable a new, proactive approach to security that is deeply integrated into the development lifecycle.
What's next for Aegis Agent
This hackathon MVP is the foundation for a much larger vision. The next step is to implement a Reinforcement Learning from Human Feedback (RLHF) loop, allowing users to label findings as "correct" or "false positive." This will create a powerful data flywheel, making the agent smarter and more context-aware with every scan.