Agentic Scanning - AI That Finds and Fixes Threats Autonomously
Defines the agentic scanning paradigm: multi-agent orchestration, adaptive intelligence, and continuous protection.
Agentic Scanning
Traditional security scanners run on schedules - weekly, daily, or hourly at best. They execute fixed playbooks, produce static reports, and require manual interpretation. Agentic scanning breaks this pattern entirely.
Agentic scanning is an AI-orchestrated, continuous scanning paradigm using multiple autonomous agents that adapt their behavior based on findings and historical context. Instead of rigid scripts, agents coordinate via an orchestrator, persist learned patterns in vector memory, and adjust tactics in real-time. The system throttles safely, avoids overloading targets, and prioritizes highest-risk surfaces based on feedback loops.
For decentralized infrastructure - where validator nodes, RPC endpoints, and DePIN edge devices operate across heterogeneous environments - agentic scanning provides the continuous, adaptive protection that static tools cannot.
Architecture
Agentic scanning systems operate as a multi-agent orchestrator coordinating specialized autonomous agents. Each agent has a defined scope, maintains its own state, and shares context through a central memory store.
Core Components
Discovery Agent:
- Seeds initial targets from known validator lists, RPC endpoints, and peer observations
- Enriches targets with ASN, geolocation, provider data
- Tracks network topology changes over time
Port Scanner Agents:
- Perform continuous port scanning across target ranges
- Use backoff strategies and target-aware throttling to avoid rate limiting
- Detect new services immediately as they appear
Protocol Fingerprinter:
- Upgrades open ports to detailed service fingerprints
- Uses banner grabs, protocol-specific heuristics, and ML embeddings
- Produces confidence scores (0-1) for each identification
CVE Correlator:
- Maps detected services and versions to known vulnerabilities
- Cross-references with CVE databases, vendor advisories, and exploit availability
- Provides remediation guidance and fix availability status
Web Probe:
- Collects HTTP/HTTPS headers, TLS certificate data, and content signals
- Detects common misconfigurations: default pages, exposed admin panels, weak ciphers
- Respects robots.txt and rate limits
Compliance Mapper:
- Maps findings to control frameworks (SOC2, ISO 27001, MiCA)
- Generates compliance gap reports for operators
The Orchestrator
The orchestrator acts as the planner and executor for all agent activity. It:
- Plans jobs: Prioritizes scan targets based on risk signals, network role, and time since last scan
- Balances regional queues: Distributes work across geographic regions to avoid overload
- Tracks state: Monitors hygiene streaks, flapping events, and persistent exposures
- Enforces policy: Applies rate limits, connection concurrency caps, and retry backoff
The orchestrator ensures agents operate within safe, legal, and non-intrusive boundaries at all times.
Vector Memory
All fingerprints, banners, and service signatures are embedded into a vector memory store. This enables:
- Fast similarity recall: Match new findings against historical patterns
- Deduplication: Suppress repeated alerts for known states
- Learning: Improve fingerprint accuracy over time via reinforcement feedback
Vector memory transforms agentic scanning from reactive detection to adaptive intelligence.
Why It Matters
Static Scanners vs Agentic Scanning
| Feature | Traditional Scanners | Agentic Scanning |
|---|---|---|
| Execution Model | Scheduled (weekly/daily) | Continuous, event-driven |
| Adaptation | Fixed playbooks | Self-adjusting based on findings |
| Context Awareness | None | Historical memory and network topology |
| Throttling | Global rate limits | Target-aware backoff and regional balancing |
| False Positives | High (single-signal fingerprints) | Low (multi-signal, confidence-weighted) |
| Remediation | Manual interpretation | Actionable suggestions with context |
Static scanners operate in isolation. Agentic systems learn from every scan, building institutional memory that improves accuracy and reduces noise.
Real-World Impact
In September 2025, NullRabbit's agentic scanning system identified that 39.6% of Sui validator voting power was exposed via SSH services with known CVEs. Traditional scanners would have required manual correlation of port scans, service versions, and CVE databases - a multi-day process.
Agentic scanning completed this analysis in hours, identified concentration risks (provider clustering, version skew), and produced remediation guidance automatically. When consensus fails at ~33% voting power offline, this kind of speed matters.
Implementation Snapshot
Below is a simplified workflow illustrating how agents coordinate:
# Orchestrator loop (pseudocode)
while True:
targets = discovery_agent.get_high_priority_targets()
for target in targets:
# Port scan with backoff
open_ports = port_scanner.scan(target, throttle=True)
for port in open_ports:
# Fingerprint service
fingerprint = protocol_fingerprinter.identify(target, port)
# Check vector memory for similar patterns
if vector_memory.is_novel(fingerprint.embedding):
# New pattern detected
cves = cve_correlator.match(fingerprint)
if cves:
# Calculate risk and alert
risk = scoring_engine.compute_risk(target, cves)
orchestrator.alert(target, risk, cves)
# Store in vector memory for future recall
vector_memory.store(fingerprint.embedding, metadata)
# Adjust priorities based on findings
orchestrator.update_priorities(targets)
This feedback loop - scan, correlate, learn, adjust - runs continuously across all monitored infrastructure. Please note, this is garbage code!
Safety & Ethics
Agentic scanning enforces strict ethical boundaries:
- Legal, non-intrusive probes only: Banner grabs, TLS handshakes, and metadata collection
- Respect for operator controls: Honor robots.txt and allowlists where applicable
- Conservative defaults: Rate limits and connection concurrency tuned to avoid impact
- Responsible disclosure: Findings communicated privately to operators before public reporting
Automation does not mean aggression. Agentic systems prioritize ecosystem health over exhaustive coverage.
Related Research
Explore the foundations and applications of agentic scanning:
- Validator Security →
- Autonomous Security Intelligence →
- DePIN Security →
- Sui Validator Network Analysis →
- Sui Validator Exposure Report →
For real-world results and methodology details, see the Research Hub.
Related Research
XDP Inline Defense for Validators: Kernel-Level Protection at Line Rate
Validator nodes face constant exposure. This deep dive explains how NullRabbit Guard uses eBPF and XDP to enforce security directly inside the NIC driver, dropping scans and abnormal traffic at line rate before they reach the kernel or your node.
Validator Slashing Incidents Are a Warning. Sui Could Be Next.
Recent Ethereum validator slashings showed how fragile infra can be. Our scan of Sui uncovered something worse: nearly 40% of validator voting power exposed.
Sui Validator Network Exposed: Nearly 40% at Risk
NullRabbit's August 2025 scan of the Sui validator set revealed nearly 40% of voting power exposed to SSH, CVEs, and misconfigurations - leaving the network one step away from consensus failure.