# AI Workers

> Specialized AI agents that automate security tasks with intelligent analysis and integration capabilities

<Warning>
  **Coming Soon** - AI Workers functionality is currently under development and will be available in an upcoming release.
</Warning>

AI Workers are specialized AI agents that automate security tasks by connecting to your security tools and data sources. Each worker focuses on specific security domains and operates continuously to provide security analysis and automated responses.

## AI Worker Architecture

RAD's AI Workers integrate with your existing security infrastructure to perform specialized security functions using advanced language models and real-time data analysis.

<CardGroup cols={2}>
  <Card title="24/7 Automation" icon="clock">
    Continuous monitoring and analysis without human intervention
  </Card>

  <Card title="Intelligent Insights" icon="lightbulb">
    AI-generated findings, recommendations, and actionable intelligence
  </Card>

  <Card title="Tool Integration" icon="plug">
    Direct integration with your existing security tools and data sources
  </Card>

  <Card title="Customizable Behavior" icon="cogs">
    Tailor worker behavior to match your specific security requirements
  </Card>
</CardGroup>

## Pre-Built AI Workers

RAD Security includes four specialized AI Workers, each optimized for specific security domains:

<CardGroup cols={2}>
  <Card title="Cloud Security Worker" icon="cloud">
    **Model:** claude-3-7-sonnet | **Status:** Active

    Specialized AI agent for monitoring and analyzing cloud infrastructure security across AWS, GCP, and Azure environments. Automatically detects misconfigurations, compliance violations, and security gaps in your cloud infrastructure.
  </Card>

  <Card title="Vulnerability Worker" icon="exclamation-triangle">
    **Model:** claude-3-7-sonnet | **Status:** Active

    Automated vulnerability assessment and remediation tracking across all infrastructure components and dependencies. Identifies critical vulnerabilities, tracks remediation progress, and provides prioritized recommendations.
  </Card>

  <Card title="GRC Worker" icon="shield-check">
    **Model:** claude-3-opus | **Status:** Active

    Governance, Risk, and Compliance automation for SOC2, ISO 27001, HIPAA, and other regulatory frameworks. Ensures continuous compliance monitoring and generates audit-ready reports.
  </Card>

  <Card title="Runtime Triage" icon="shield">
    **Model:** claude-3-7-sonnet | **Status:** Active

    Real-time monitoring and triage of runtime security threats, anomalous behavior, and container security violations with immediate incident response capabilities.
  </Card>
</CardGroup>

## Configuring AI Workers

<AccordionGroup>
  <Accordion title="AI Worker Configuration">
    **Model Selection**

    * **claude-3-7-sonnet** - General security tasks
    * **claude-3-opus** - Complex compliance and governance

    **Worker Settings**

    * Assign a descriptive name and purpose
    * Define the scope of responsibilities
  </Accordion>

  <Accordion title="Execution Triggers">
    **Manual** - Run on-demand for specific investigations

    **Scheduled** - Recurring execution (hourly, daily, weekly, custom cron)

    **Event-Based** - Trigger on security events (new vulnerabilities, policy violations, anomalies)
  </Accordion>
</AccordionGroup>

<AccordionGroup>
  <Accordion title="System Prompt Configuration">
    Define worker behavior and tasks. Example from Vulnerability Worker:

    ```
    You are a specialized vulnerability management AI assistant for {{accountName}}.

    Core Functions:
    1. Vulnerability Detection - Scan CVEs in dependencies and container images
    2. Risk Assessment - Calculate CVSS scores and prioritize vulnerabilities  
    3. Remediation Tracking - Create and assign remediation tickets
    ```

    **Best Practices:**

    * Define specific roles and responsibilities
    * Include organizational context and asset counts
    * Use dynamic variables like `{{accountName}}` and `{{assetCount}}`
  </Accordion>

  <Accordion title="Knowledge Base Integration BETA">
    Workers access your organization's knowledge base **(BETA)** for context-aware responses:

    **Categories:** All, Data, Incidents, Test

    **Benefits:** Context-aware analysis, consistent responses, learning from past incidents
  </Accordion>

  <Accordion title="External Integrations">
    Connect workers to your security tools:

    * **Ticketing:** Jira Cloud
    * **SIEM:** Splunk Enterprise, CrowdStrike Falcon, Rapid7 InsightIDR
    * **Vulnerability Scanners:** Qualys, CrowdStrike Spotlight, Rapid7 InsightVM, Tenable VM
    * **EDR:** Microsoft Defender, CrowdStrike Falcon, SentinelOne, Sophos, Tanium, MalwareBytes
    * **IAM:** Okta Identity
  </Accordion>
</AccordionGroup>
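The System Prompt Configuration guidance above relies on `{{variable}}` placeholders. The following is an added example, not RAD Security code: a local pre-flight check that flags placeholders outside a known set and renders the template with values reduced to a single brace-free line. How the platform itself resolves variables is not described on this page; `KNOWN_VARS`, `MAX_VALUE_LEN`, the function names and the sample template are assumptions made for the example.

```python
import re

# Placeholder syntax shown on the page: {{name}}
PLACEHOLDER = re.compile(r"\{\{\s*([A-Za-z_][A-Za-z0-9_]*)\s*\}\}")
# The two variables the page names; extend with what your tenant exposes (assumption).
KNOWN_VARS = {"accountName", "assetCount"}
MAX_VALUE_LEN = 64  # assumed limit for this example


def lint_template(template, known=KNOWN_VARS):
    """Return the sorted placeholder names that are not in the known set."""
    return sorted(set(PLACEHOLDER.findall(template)) - set(known))


def safe_value(value):
    """Reduce a variable value to one short line without braces, so it cannot
    open a new placeholder or add extra lines to the system prompt."""
    text = " ".join(str(value).split())  # collapse newlines, tabs, runs of spaces
    text = text.replace("{", "").replace("}", "")
    return text[:MAX_VALUE_LEN]


def render(template, values):
    """Substitute every placeholder in one pass; raise on unknown or missing names."""
    unknown = lint_template(template)
    if unknown:
        raise ValueError(f"unknown variables: {unknown}")
    missing = sorted(set(PLACEHOLDER.findall(template)) - set(values))
    if missing:
        raise ValueError(f"no value for: {missing}")
    # re.sub makes a single pass, so substituted text is never re-scanned.
    return PLACEHOLDER.sub(lambda m: safe_value(values[m.group(1)]), template)


# Constructed sample: the opening line of the page's prompt plus an asset-count line.
TEMPLATE = (
    "You are a specialized vulnerability management AI assistant for "
    "{{accountName}}.\nAssets in scope: {{assetCount}}"
)

if __name__ == "__main__":
    print(render(TEMPLATE, {"accountName": "Acme Corp", "assetCount": 412}))
```

The check is structural only: it keeps a variable value from changing the shape of the prompt, and it does not judge what the value says.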

## AI Worker Insights

AI Workers generate intelligent insights based on their analysis of your security environment:

<AccordionGroup>
  <Accordion title="📊 Insight Categories">
    **In Progress** - Active investigations and ongoing analysis

    **Completed** - Finished assessments with recommendations

    **Critical** - High-priority findings requiring immediate attention
  </Accordion>

  <Accordion title="🔍 Insight Details">
    Each insight includes:

    * **Severity Levels** - HIGH, MEDIUM, LOW classifications
    * **Affected Resources** - Specific assets, containers, or systems
    * **Timestamps** - When the insight was generated and last updated
    * **Categories** - Vulnerability Management, Compliance, etc.
    * **Detailed Analysis** - Tables, summaries, and specific findings
  </Accordion>

  <Accordion title="💡 Example Insight: High-Severity CVEs">
    ```
    Overview: The Vulnerability Worker has completed a scan of all production 
    container images and identified 8 images with high or critical severity CVEs. 
    Immediate patching is required to maintain security posture.

    Critical Vulnerabilities:
    - CVE-2021-44228 (Log4Shell) - CVSS 10.0
    - Affected Images: api-gateway:v2.3.1, payment-service:v1.8.0

    Resource Impact:
    - 8 container images affected
    - 2 critical CVEs, 5 high CVEs
    - 7 total vulnerable packages
    ```
  </Accordion>
</AccordionGroup>

## Worker Playground

Test and interact with your AI Workers in a safe environment:

<AccordionGroup>
  <Accordion title="💬 Chat Interface">
    * **Real-time Interaction** - Chat directly with workers to test capabilities
    * **Prompt Suggestions** - Pre-built prompts like "Deployment Security Audit" or "Vulnerable Images Report"
    * **Knowledge Testing** - Verify worker access to knowledge base **(BETA)** and integrations
  </Accordion>

  <Accordion title="🧪 Testing Workflows">
    1. **Deployment Security Audit** - Find and fix Kubernetes misconfigurations
    2. **Vulnerable Images Report** - Identify container images with critical vulnerabilities
    3. **Compliance Check** - Verify adherence to security policies and frameworks
  </Accordion>

  <Accordion title="✅ Best Practices for Testing">
    * Test workers with realistic scenarios before deployment
    * Verify integration access and data retrieval
    * Validate response quality and accuracy
    * Check system prompt effectiveness
  </Accordion>
</AccordionGroup>

## Metrics and Monitoring

Track AI worker performance and effectiveness:

<AccordionGroup>
  <Accordion title="📈 Execution Metrics">
    * **Execution History** - When workers ran and their duration
    * **Success/Failure Rates** - Track worker reliability and error rates
    * **Resource Impact** - Monitor computational resources and API usage
  </Accordion>

  <Accordion title="📊 Insight Analytics">
    * **Insight Generation Rate** - How many insights workers produce
    * **Severity Distribution** - Breakdown of findings by severity level
    * **Action Items Created** - Trackable tasks and recommendations generated
  </Accordion>

  <Accordion title="⚡ Performance Optimization">
    * **Trigger Optimization** - Adjust execution frequency based on needs
    * **Integration Efficiency** - Monitor data source access and response times
    * **Prompt Refinement** - Improve system prompts based on output quality
  </Accordion>
</AccordionGroup>

## Best Practices

<AccordionGroup>
  <Accordion title="🚀 Getting Started">
    1. **Start with Pre-built Workers** - Use existing workers before creating custom ones
    2. **Configure Triggers Appropriately** - Use scheduled triggers for routine tasks, event-based for immediate response
    3. **Test in Playground** - Validate worker behavior before production deployment
    4. **Enable Relevant Integrations** - Connect workers to your existing security tools
  </Accordion>

  <Accordion title="⚙️ Configuration Optimization">
    * **Customize System Prompts** - Tailor prompts to match your organization's specific needs
    * **Select Appropriate Models** - Use claude-3-opus for complex compliance tasks, claude-3-7-sonnet for general security work
    * **Configure Knowledge Base (BETA) Access** - Enable relevant knowledge categories for context-aware responses
  </Accordion>

  <Accordion title="📈 Ongoing Management">
    * **Regular Review** - Monitor worker insights and adjust configurations as needed
    * **Integration Updates** - Keep external integrations current with your tooling
    * **Performance Monitoring** - Track worker effectiveness and optimize as necessary
  </Accordion>
</AccordionGroup>

## Getting Started

Ready to deploy AI Workers in your environment?

<CardGroup cols={2}>
  <Card title="Step 1: Navigate to AI Workers" icon="arrow-right">
    Access the AI Workers section in your RAD Security platform
  </Card>

  <Card title="Step 2: Review Pre-built Workers" icon="list">
    Explore the four available workers and their capabilities
  </Card>

  <Card title="Step 3: Select and Configure" icon="cogs">
    Choose a worker and configure triggers, integrations, and system prompts
  </Card>

  <Card title="Step 4: Test in Playground" icon="play">
    Validate worker behavior and integration access
  </Card>

  <Card title="Step 5: Enable and Monitor" icon="chart-line">
    Deploy the worker and track its insights and performance
  </Card>
</CardGroup>

<Note>
  **Pro Tip:** Start with the Vulnerability Worker for immediate value, then expand to other workers as you become comfortable with the platform. Use the playground to test different scenarios and refine your system prompts before deploying to production.
</Note>
