Overview
The AI Agent in DeepTraQ is an AI-powered cybersecurity assistant that combines real-time web search, vulnerability analysis, automated patch generation, database interrogation, and full scan orchestration into a single workflow. From a single UI you can select an AI engine, ask the agent about a CVE (for example, CVE-2024-74), validate the agent’s sources via the References tab, generate patch scripts, query your environment database for presence of the vulnerability, and create or invoke DeepTraQ scans — all without leaving the platform.
Supported Platforms
- Code and infrastructure vulnerability workflows that surface CVE-style findings.
- Model-agnostic AI engines: ChatGPT, Claude, Gemini (and other configured engines via the model selector).
- Real-time web search integration for grounding AI responses (security blogs, exploit databases, CVE pages).
- Internal database integrations (the "DB" button to query your environment inventory).
- DeepTraQ scan orchestration and web-application security dashboards (scan creation, invocation, and status monitoring).
Prerequisites
| Requirement | Description | Example / Notes |
|---|---|---|
| Configured AI engines | At least one AI model must be registered and available in DeepTraQ's model selector. | ChatGPT, Claude, Gemini configured in model settings. |
| Web search tool enabled | Allow the agent to perform real-time internet lookups to ground responses and cite sources. | Required to fetch exploit write-ups or CVE references in the References tab. |
| Database access configured | Credentials and read access to the inventory/asset database so the DB button can query presence of CVEs. | Connection to your asset DB with a service account that can run vulnerability queries. |
| Scan integration enabled | DeepTraQ AI scans must be integrated so the agent can create and invoke scans from the agent UI. | Integration with open-source scanners + DeepTraQ proprietary scan engine. |
| User permissions | User must have permission to view findings, run scans, and (optionally) apply generated patch scripts. | Role with Scan:invoke, DB:query, Findings:view privileges. |
Steps
- Open the AI Agent module inside DeepTraQ.
- Use the model selector to choose an AI engine (for example, ChatGPT, Claude, or Gemini).
- Ask the agent a targeted question — e.g., “Tell me about CVE-2024-74: root cause and impact.”
- Review the agent’s generated response in the UI.
- Open the References tab to verify the sources the agent used and ensure there are direct links to external resources (security blogs, exploit DB, CVE pages).
- (Optional) Ask the agent to generate a patch script for the CVE.
- Click the DB button to query your internal database for the presence of the CVE in your environment.
- If a vulnerability exists, instruct the agent to create and invoke an AI scan or a targeted scan from the agent UI.
- Monitor scan progress and results via the Web Application Security Dashboard or the scan status panel.
- Validate findings by following source links from the References tab and, if needed, iterate with follow-up agent prompts (root cause, remediation steps, or patch adjustments).
Field Reference
| Field | Description | Example |
|---|---|---|
| Model selector | UI control to pick which AI engine the agent will use for analysis. | Select "Gemini" or "ChatGPT" before asking about a CVE. |
| Agent response panel | Primary display area where the agent’s structured analysis is shown. | "Root cause: vulnerable library X; Impact: RCE risk." |
| References tab | Lists external sources the agent used and provides direct links to each source to prevent hallucinations. | Link to a CVE entry, exploit write-up, or vendor advisory. |
| DB button | Triggers a query against your configured database to check whether the CVE exists in your environment. | "No matches found" or a list of affected hosts. |
| Patch script generator | Agent command/output that produces a candidate patch or remediation script for the CVE. | Bash script to upgrade library X to version Y. |
| Scan creation / orchestration | Agent-driven action to create and invoke DeepTraQ-integrated scans combining OSS and proprietary detectors. | Create a web-app scan targeting host list returned by the DB query. |
| Web Application Security Dashboard | Dashboard where scan progress and results are shown after the agent creates or triggers a scan. | Scan status: queued / running / completed; findings list. |
| Source links | Clickable links in References that point to the exact web pages used to generate the agent’s intelligence. | External security blog or exploit-db link cited by the agent. |
| User permissions indicator | Visual hint or requirement that shows necessary permissions for actions (scan invoke, DB query, apply patch). | Permission badges shown next to action buttons. |