Agentic RE: CSL Virtual 2026
Current rate: EARLYBIRD — 14 days left. Standard pricing through June 21, then late tier.
By registering, you agree to our Terms of Service.
If a government, public institution, or government-affiliated organization is funding your registration, use the institutional registration form instead.
Government / Institutional RegistrationWhat Is This Course?
This is the full 5-day live, instructor-led virtual cohort of Agentic RE: Automating Reverse Engineering & Vulnerability Research with AI. You'll build private AI stacks, develop custom MCP servers, optimize local models for your tasks, and orchestrate agents that reason through binaries autonomously.
By the end of the week, you'll have a working agentic workflow that analyzes binaries, surfaces potential vulnerabilities, validates findings, and triages results across platforms — Windows, macOS, iOS, and Android.
The primary deliverable is the live, interactive training during the cohort dates. Hands-on labs, real-time Q&A, and direct interaction with the instructor happen during the live sessions.
This is not a "prompt engineering for RE" course. You write real code: custom MCP servers that give LLMs access to Ghidra, optimization pipelines that make local models accurate, and agents that reason through binaries autonomously. The skills transfer to whatever models and frameworks come next.
Schedule
Live sessions via Zoom, 4 hours per day. Self-paced labs and Discord support fill the remaining time.
| Day | Date | Topic | Time (US Eastern) |
|---|---|---|---|
| Day 1 | July 6 | Foundations of Agentic RE — LLM basics, local stack setup, first MCP connection | 09:00–13:00 |
| Day 2 | July 7 | Custom MCP Servers — Build Ghidra MCP, Semgrep/CodeQL integration, semantic search | 09:00–13:00 |
| Day 3 | July 8 | Adapting LLMs for RE/VR — Context engineering, prompt optimization with MIPROv2 and GEPA, fine-tuning | 09:00–13:00 |
| Day 4 | July 9 | Workflows & Orchestration — ReAct agents, multi-platform dispatch, capstone kickoff | 09:00–13:00 |
| Day 5 | July 10 | Agent Skills & Capstone — Coding agents, capstone delivery, wrap-up | 09:00–13:00 |
Time Zone Conversion
| Region | Local Time |
|---|---|
| US Eastern | 09:00–13:00 |
| US Mountain | 07:00–11:00 |
| US Pacific | 06:00–10:00 |
| UK GMT | 14:00–18:00 |
| Europe CET | 15:00–19:00 |
| Australia AEST | 23:00–03:00 (next day) |
Technology Stack
| Category | Technologies |
|---|---|
| AI / LLM | Ollama, OpenWebUI, local models (Qwen, Llama), frontier APIs (OpenAI, Anthropic) |
| RE / VR | Ghidra, pyghidra, Semgrep, CodeQL, ghidriff |
| MCP | FastMCP (Python), MCPO proxy |
| Training | DSPy optimizers (MIPROv2, GEPA), QLoRA fine-tuning |
| UI / HUD | Streamlit, Chainlit |
What Students Receive
- Live instruction during the scheduled course dates, with real-time Q&A, hands-on labs, and direct interaction with the instructor
- Real-time collaboration with the instructor and other participants via the cohort Discord channel
- Course materials and exercises during the cohort
- Preconfigured devcontainers with all labs and tools
- Course inference infrastructure (no local GPU required)
- Access to the course CTF server during the cohort
- Stream-only catch-up access to recordings of live sessions for 7 days post-cohort. Recordings are provided as catch-up support for active cohort members and are not a separate deliverable.
Practical Takeaways
What you take home:
- A working local RE+LLM stack you own and control, no subscriptions required
- The ability to build MCP servers that wrap any RE tool you already use
- Prompt optimization and fine-tuning skills that make small local models perform on your specific tasks
- Reusable workflow patterns for binary analysis, vulnerability discovery, and results validation across platforms
- Agent Skills that encode your RE expertise into reproducible, shareable definitions
- A capstone workflow that integrates everything into one pipeline
The capstone has two paths (or do both): an RE path focused on binary analysis and explanation, and a VR path focused on vulnerability discovery and triage. Both produce a working agentic pipeline.
For the full module breakdown, architecture diagram, and "What Clicks" moments, see the full Agentic RE course page.
What Students Say
"I feel like I am fairly well versed with AI, models, MCPs, etc. and I still learned a lot from this training. Every day I commented to my manager and my team how awesome this training was." — B., senior security engineer
"The course felt more like an AI course than a strict RE course. The skills and concepts are clearly transferable to other related contexts. That breadth was a pleasant surprise." — C., security researcher
"This course showed me how to bring AI into our workflow even without internet access. I'm going back to my team with a plan for local LLMs that leadership can actually get behind." — D., RE team lead (restricted networks)
Prerequisites
- Intermediate reverse engineering experience (familiarity with Ghidra, IDA, or similar tools)
- Basic vulnerability research knowledge (understanding of common bug classes and analysis workflows)
- Comfort with scripting in Python (used for MCP servers, orchestration, and workflow glue)
- Familiarity with Linux or macOS command-line environments for stack setup and automation
No prior LLM or AI framework experience needed. We cover the fundamentals before anything advanced.
System Requirements
AI Hardware:
- A machine capable of running at least an 8B model (e.g., Qwen3 or Llama)
- Recommended: modern GPU (RTX 3060+ or Apple M-series) with 16GB+ RAM
- Course inference infrastructure is provided during the course — no local GPU required. Free tiers of frontier model APIs also work for the bring-your-own-model exercises.
Software:
- Python 3.11+
- Docker (for OpenWebUI and Ollama)
- git and a Linux-style command-line environment with administrator privileges
Full Course Details
For the complete course outline, architecture diagram, technology stack, and radar chart, see the full Agentic RE course page.
Government or Institutional Registration?
If a government entity, government program, or government-affiliated organization is paying for or sponsoring your registration, use the dedicated institutional registration form instead of the standard Stripe checkout. Institutional registration involves a review process and a 2–3 business day response.
FAQ
How do virtual courses work?
Courses are delivered live via Zoom as an instructor-led training service, combining structured lectures, real-time Q&A, hands-on labs, and direct interaction with the instructor. You'll receive exercises, access to a CTF server, and instructor support via Discord.
What is the daily format?
A 4-hour live, interactive session each day (09:00–13:00 Eastern), followed by self-paced exercises. Office hours and Discord support are available throughout.
How long can I access the recordings?
Stream-only catch-up access is available for 7 days post-cohort. Recordings are not downloadable and are provided as catch-up support for active cohort members.
Is there a group discount?
Contact us at ping for group pricing.
What's the refund policy?
See our Terms of Service for the full cancellation and refund policy.
Other Agentic RE Offerings in 2026
| Date | Event | Location |
|---|---|---|
| June 15 | REcon 2026 | Montreal, Canada |
| August 1–2 | Black Hat USA 2026 | Las Vegas, NV |
| August 3–4 | Black Hat USA 2026 | Las Vegas, NV |
| August 10–11 | DEFCON 2026 | Las Vegas, NV |
By registering, you agree to our Terms of Service.