Dan Vella
Senior Software Developer
Invicti
Cybersecurity Track
Session Outline:
Breaking Through - Agentic Penetration Testing
Penetration testing is one of the hardest problems to automate as it requires reasoning under uncertainty, adaptive decision-making, and the ability to chain complex, multi-step exploits across unpredictable environments. This talk explores how we built an agentic system to tackle this challenge.
We'll go beyond the hype of "AI agents" and get into the real engineering: orchestrating many agents running in parallel, managing context growth and decay across long-running tasks, and maintaining traceability when your system is inherently non-deterministic. We'll cover the architectural decisions that matter in production and most importantly, how to create autonomous systems you can trust.
Alongside a live demo of the Invicti Platform and Agentic Pentesting, this talk offers an honest look at where agentic systems shine, and where they still fall short.
About Dan
Dan is a software engineer at Invicti Security, where he currently works on the Agentic Pentesting project. He holds a Master's in Artificial Intelligence from the University of Malta and has published research in JCIM and ACM.
Dan began his career as a data scientist before moving into software engineering, drawn by a passion for building and shipping products. At Invicti, he's worked on the DAST backend and the Platform's identity and integrations services before landing in his current role, where he works across the full engineering stack.
Outside of work, Dan likes to run, read, take photos, and (slowly!) learn the piano. Also passionate about the environment, he founded arja.mt, a project democratising air pollution data in Malta.
