The best defenders build AI agents together: Join Tenable for Swarm at Black Hat ’26
Agentic AI use is exploding, yet most security teams are building agents in isolation. Tenable is hosting Swarm, a build event at Black Hat 2026, for security practitioners to create and collaborate on agentic, open-source tooling to drive collective defense and stop adversaries together. Key takeaways According to Gartner®, by 2028, an average global Fortune 500 enterprise will have more than 150,000 AI agents in use, up from less than 15 in 2025, generating significant agent sprawl, IT complexity, and management challenges. 1 Security practitioners are building their own agentic, open-source tooling to cut out hours of manual phishing email triage, accelerate threat hunts, and uplevel junior talent to consistently perform and output principal-level analyst work. Join Tenable for Swarm , a hands-on agentic AI build event at Black Hat 2026 sponsored by AWS, where security practitioners will come together to collaborate and build next-generation open-source agents, skills, and MCP servers that will drive collective defense and stop modern adversaries. Every security practitioner is now a builder thanks to the emergence of agentic AI. According to Gartner®, by 2028, an average global Fortune 500 enterprise will have over 150,000 AI agents in use , up from less than 15 in 2025, generating significant agent sprawl, IT complexity, and management challenges.1 From Tenable’s vantage point, it’s clear this exponential surge in agent sprawl is reaching every business and IT function, including cybersecurity. Security teams have started to ride the same agentic AI security curve, spinning up agents to triage alerts, hunt threats, and automate the work that used to take days down to mere minutes. But too often, the work to build agentic, open-source security tooling still happens in isolation. No collaboration. No shared findings. Limited impact. Now the wait is over. Join us for Swarm , Tenable’s hands-on agentic AI build event at Black Hat 2026 sponsored by AWS and presented with support from Anthropic, where a global group of security practitioners will come together to collectively build the open-source agents, skills, and model context protocol (MCP) servers of the future to boost the cyber community’s defenses and stop modern adversaries. Why security practitioners build open-source agentic AI tools Security practitioners are starting to build their own open-source, agentic tooling to take repetitive work off their plates . The examples are real, and they run from individual practitioners to the largest enterprise security teams: This practitioner’s PhishER Email Analysis workflow is an agent-powered n8n pipeline that continuously pulls reported emails and uses AI to determine whether the content is phishing, spam, or clean, freeing up hours of analyst review time. The Tenable security team’s SOC-Hunter , an open-source Claude Code skill , turns proactive, hypothesis-driven threat hunting from a luxury into routine work. What once took four to six hours across 8-plus browser tabs now takes 45 to 90 minutes in a single terminal session. One of Tenable’s partners open-sourced its AI Analyst , a set of Claude Code skills backed by MCP servers that turn plain-language requests into actual agentic SOC work: hunting threats, triaging alerts, writing detections, and building security automation. Work that once demanded a senior specialist becomes something any analyst can drive through prompts using their own words, compressing hours of expert effort into minutes. Zoom out and the pattern is unmistakable. Community-built AI agents, skills, and MCP servers are extending every capability and workflow from vulnerability scanners to Active Directory attack-path analysis to proactive threat hunting and reporting. The energy is there. The talent is there. The collaboration, repeatable learning, and shared results remain aspirational. The problem: Most practitioners build agentic AI in isolation Open-source, agentic AI adoption is still in its early stages and uneven. Today, only 27% of security practitioners believe their agentic AI deployments are mature; most remain in active pilots and running AI in supporting capacities. Even among the security practitioners who are building agentic AI, too much of the work takes place in isolation. One team solves alert triage. Another team solves the same problem the next week, with no idea the first team ever existed. We keep reinventing the wheel, missing out on the compounding benefits that our shared work could deliver to every security team. Come build with Tenable at Swarm That is exactly what Swarm is for. Join us at Black Hat USA 2026 from Aug. 4-6 for Swarm, our hands-on agentic AI build event with Tenable and members of Anthropic’s technical staff, who will serve on the judging panel and provide coaching to attendees. Register here . Over a few focused days, security practitioners will come together to build open-source AI security agents, MCP servers, skills, and playbooks that automate the workflows you actually deal with — like triage, remediation, orchestration, and executive reporting. You get dedicated build time, live office hours with experts, and the company and collaboration of peers who understand the problems you want to solve. You do not need to be a career developer to take part. If you can describe a workflow clearly, you can build an agent for it. Bring the workflow you keep meaning to automate, and leave with something that helps take it off your plate, plus a network of people building alongside you. And we have amazing prizes lined up for the award winners, which we’ll announce during the Swarm Awards Ceremony held the morning of Thursday, Aug. 6! So register today because space is limited, and this is the room you want to be in. Show up and help define what the future of agentic AI security looks like. Reserve your spot for Swarm at Black Hat 2026 and build the future of cybersecurity with us. — 1 Gartner Press Release, Gartner Identifies Six Steps to Manage AI Agent Sprawl , April 2026. Gartner is a trademark of Gartner, Inc. and/or its affiliates.
AI Analysis
Technical Summary
The provided information is an announcement for Tenable's Swarm event at Black Hat 2026, which encourages security practitioners to collaboratively build open-source agentic AI tools to improve cybersecurity workflows. It discusses the rapid increase in AI agent deployment in enterprises and the challenges of isolated development efforts. The event is designed to facilitate shared development and accelerate adoption of agentic AI for tasks like phishing email analysis and threat hunting. No technical vulnerability, exploit, or security threat is described.
Potential Impact
No direct security impact or vulnerability is described. The content focuses on the benefits of collaborative AI tool development for security teams rather than any specific threat or exploit. There is no indication of active exploitation or risk to systems from this announcement.
Mitigation Recommendations
Not applicable. This is promotional content for a community event and does not describe a security vulnerability or threat requiring mitigation.
The best defenders build AI agents together: Join Tenable for Swarm at Black Hat ’26
Description
Agentic AI use is exploding, yet most security teams are building agents in isolation. Tenable is hosting Swarm, a build event at Black Hat 2026, for security practitioners to create and collaborate on agentic, open-source tooling to drive collective defense and stop adversaries together. Key takeaways According to Gartner®, by 2028, an average global Fortune 500 enterprise will have more than 150,000 AI agents in use, up from less than 15 in 2025, generating significant agent sprawl, IT complexity, and management challenges. 1 Security practitioners are building their own agentic, open-source tooling to cut out hours of manual phishing email triage, accelerate threat hunts, and uplevel junior talent to consistently perform and output principal-level analyst work. Join Tenable for Swarm , a hands-on agentic AI build event at Black Hat 2026 sponsored by AWS, where security practitioners will come together to collaborate and build next-generation open-source agents, skills, and MCP servers that will drive collective defense and stop modern adversaries. Every security practitioner is now a builder thanks to the emergence of agentic AI. According to Gartner®, by 2028, an average global Fortune 500 enterprise will have over 150,000 AI agents in use , up from less than 15 in 2025, generating significant agent sprawl, IT complexity, and management challenges.1 From Tenable’s vantage point, it’s clear this exponential surge in agent sprawl is reaching every business and IT function, including cybersecurity. Security teams have started to ride the same agentic AI security curve, spinning up agents to triage alerts, hunt threats, and automate the work that used to take days down to mere minutes. But too often, the work to build agentic, open-source security tooling still happens in isolation. No collaboration. No shared findings. Limited impact. Now the wait is over. Join us for Swarm , Tenable’s hands-on agentic AI build event at Black Hat 2026 sponsored by AWS and presented with support from Anthropic, where a global group of security practitioners will come together to collectively build the open-source agents, skills, and model context protocol (MCP) servers of the future to boost the cyber community’s defenses and stop modern adversaries. Why security practitioners build open-source agentic AI tools Security practitioners are starting to build their own open-source, agentic tooling to take repetitive work off their plates . The examples are real, and they run from individual practitioners to the largest enterprise security teams: This practitioner’s PhishER Email Analysis workflow is an agent-powered n8n pipeline that continuously pulls reported emails and uses AI to determine whether the content is phishing, spam, or clean, freeing up hours of analyst review time. The Tenable security team’s SOC-Hunter , an open-source Claude Code skill , turns proactive, hypothesis-driven threat hunting from a luxury into routine work. What once took four to six hours across 8-plus browser tabs now takes 45 to 90 minutes in a single terminal session. One of Tenable’s partners open-sourced its AI Analyst , a set of Claude Code skills backed by MCP servers that turn plain-language requests into actual agentic SOC work: hunting threats, triaging alerts, writing detections, and building security automation. Work that once demanded a senior specialist becomes something any analyst can drive through prompts using their own words, compressing hours of expert effort into minutes. Zoom out and the pattern is unmistakable. Community-built AI agents, skills, and MCP servers are extending every capability and workflow from vulnerability scanners to Active Directory attack-path analysis to proactive threat hunting and reporting. The energy is there. The talent is there. The collaboration, repeatable learning, and shared results remain aspirational. The problem: Most practitioners build agentic AI in isolation Open-source, agentic AI adoption is still in its early stages and uneven. Today, only 27% of security practitioners believe their agentic AI deployments are mature; most remain in active pilots and running AI in supporting capacities. Even among the security practitioners who are building agentic AI, too much of the work takes place in isolation. One team solves alert triage. Another team solves the same problem the next week, with no idea the first team ever existed. We keep reinventing the wheel, missing out on the compounding benefits that our shared work could deliver to every security team. Come build with Tenable at Swarm That is exactly what Swarm is for. Join us at Black Hat USA 2026 from Aug. 4-6 for Swarm, our hands-on agentic AI build event with Tenable and members of Anthropic’s technical staff, who will serve on the judging panel and provide coaching to attendees. Register here . Over a few focused days, security practitioners will come together to build open-source AI security agents, MCP servers, skills, and playbooks that automate the workflows you actually deal with — like triage, remediation, orchestration, and executive reporting. You get dedicated build time, live office hours with experts, and the company and collaboration of peers who understand the problems you want to solve. You do not need to be a career developer to take part. If you can describe a workflow clearly, you can build an agent for it. Bring the workflow you keep meaning to automate, and leave with something that helps take it off your plate, plus a network of people building alongside you. And we have amazing prizes lined up for the award winners, which we’ll announce during the Swarm Awards Ceremony held the morning of Thursday, Aug. 6! So register today because space is limited, and this is the room you want to be in. Show up and help define what the future of agentic AI security looks like. Reserve your spot for Swarm at Black Hat 2026 and build the future of cybersecurity with us. — 1 Gartner Press Release, Gartner Identifies Six Steps to Manage AI Agent Sprawl , April 2026. Gartner is a trademark of Gartner, Inc. and/or its affiliates.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The provided information is an announcement for Tenable's Swarm event at Black Hat 2026, which encourages security practitioners to collaboratively build open-source agentic AI tools to improve cybersecurity workflows. It discusses the rapid increase in AI agent deployment in enterprises and the challenges of isolated development efforts. The event is designed to facilitate shared development and accelerate adoption of agentic AI for tasks like phishing email analysis and threat hunting. No technical vulnerability, exploit, or security threat is described.
Potential Impact
No direct security impact or vulnerability is described. The content focuses on the benefits of collaborative AI tool development for security teams rather than any specific threat or exploit. There is no indication of active exploitation or risk to systems from this announcement.
Mitigation Recommendations
Not applicable. This is promotional content for a community event and does not describe a security vulnerability or threat requiring mitigation.
Technical Details
- Article Source
- {"url":"https://www.tenable.com/blog/black-hat-2026-swarm-event-build-AI-security-agents","fetched":true,"fetchedAt":"2026-07-16T13:10:37.304Z","wordCount":2799}
Threat ID: 6a58d84d68715ace4311cda6
Added to database: 07/16/2026, 13:10:37 UTC
Last enriched: 07/16/2026, 13:10:49 UTC
Last updated: 07/16/2026, 15:50:15 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.