<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.4 20241031//EN" "JATS-journalpublishing1-4.dtd">
<article xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" article-type="research-article" dtd-version="1.4" xml:lang="en">
  <front>
    <journal-meta>
      <journal-id journal-id-type="publisher-id">jis</journal-id>
      <journal-title-group>
        <journal-title>Journal of Information Security</journal-title>
      </journal-title-group>
      <issn pub-type="epub">2153-1242</issn>
      <issn pub-type="ppub">2153-1234</issn>
      <publisher>
        <publisher-name>Scientific Research Publishing</publisher-name>
      </publisher>
    </journal-meta>
    <article-meta>
      <article-id pub-id-type="doi">10.4236/jis.2026.173014</article-id>
      <article-id pub-id-type="publisher-id">jis-152254</article-id>
      <article-categories>
        <subj-group>
          <subject>Article</subject>
        </subj-group>
        <subj-group>
          <subject>Computer Science</subject>
          <subject>Communications</subject>
        </subj-group>
      </article-categories>
      <title-group>
        <article-title>Empowering Cybersecurity: Evaluating Agentic AI Frameworks for Threats Detection and Adaptive Incident Response</article-title>
      </title-group>
      <contrib-group>
        <contrib contrib-type="author">
          <name name-style="western">
            <surname>Alshehri</surname>
            <given-names>Huda Zafir</given-names>
          </name>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <name name-style="western">
            <surname>Aljohani</surname>
            <given-names>Eiman Salamah</given-names>
          </name>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <name name-style="western">
            <surname>Alyami</surname>
            <given-names>Maha Badr</given-names>
          </name>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <name name-style="western">
            <surname>Karrar</surname>
            <given-names>Abdelrahman Elsharif</given-names>
          </name>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
      </contrib-group>
      <aff id="aff1"><label>1</label> College of Computer Science and Engineering, Taibah University, Medina, Saudi Arabia </aff>
      <author-notes>
        <fn fn-type="conflict" id="fn-conflict">
          <p>The authors declare no conflicts of interest regarding the publication of this paper.</p>
        </fn>
      </author-notes>
      <pub-date pub-type="epub">
        <day>27</day>
        <month>05</month>
        <year>2026</year>
      </pub-date>
      <pub-date pub-type="collection">
        <month>05</month>
        <year>2026</year>
      </pub-date>
      <volume>17</volume>
      <issue>03</issue>
      <fpage>276</fpage>
      <lpage>291</lpage>
      <history>
        <date date-type="received">
          <day>06</day>
          <month>05</month>
          <year>2026</year>
        </date>
        <date date-type="accepted">
          <day>27</day>
          <month>06</month>
          <year>2026</year>
        </date>
        <date date-type="published">
          <day>30</day>
          <month>06</month>
          <year>2026</year>
        </date>
      </history>
      <permissions>
        <copyright-statement>© 2026 by the authors and Scientific Research Publishing Inc.</copyright-statement>
        <copyright-year>2026</copyright-year>
        <license license-type="open-access">
          <license-p> This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license ( <ext-link ext-link-type="uri" xlink:href="https://creativecommons.org/licenses/by/4.0/">https://creativecommons.org/licenses/by/4.0/</ext-link> ). </license-p>
        </license>
      </permissions>
      <self-uri content-type="doi" xlink:href="https://doi.org/10.4236/jis.2026.173014">https://doi.org/10.4236/jis.2026.173014</self-uri>
      <abstract>
        <p>This paper presents a comprehensive review of Agentic AI frameworks in cybersecurity, with particular emphasis on autonomous threat detection and adaptive incident response. As cyber threats continue to evolve in complexity and scale, traditional rule-based security mechanisms are becoming increasingly ineffective in responding to dynamic and sophisticated attacks. Agentic AI introduces a transformative approach by integrating real-time monitoring, continuous learning, autonomous reasoning, and adaptive decision-making into cybersecurity operations. The review examines recent advances in areas such as autonomous threat detection, SOC automation, adaptive response systems, governance, explainability, and adversarial risks. The findings indicate that Agentic AI significantly improves detection accuracy, accelerates incident response, reduces false positives, and enhances overall cyber resilience through technologies including machine learning, deep learning, reinforcement learning, and multi-agent systems. However, despite these promising developments, current research remains fragmented and faces several limitations, including limited real-world validation, insufficient explainability, governance challenges, and vulnerabilities such as adversarial attacks, data poisoning, and model manipulation. The study highlights the need for secure, transparent, and human-centered deployment strategies, as well as standardized evaluation frameworks and stronger human-AI collaboration models. Overall, Agentic AI represents a promising paradigm for building more intelligent, adaptive, and resilient cybersecurity systems capable of addressing the challenges of modern digital environments.</p>
      </abstract>
      <kwd-group kwd-group-type="author-generated" xml:lang="en">
        <kwd>Agentic AI</kwd>
        <kwd>Cybersecurity</kwd>
        <kwd>Threat Detection</kwd>
        <kwd>Adaptive Incident Response</kwd>
        <kwd>Autonomous Cyber Defense</kwd>
        <kwd>Multi-Agent Systems</kwd>
        <kwd>Explainable AI</kwd>
        <kwd>Cyber Resilience</kwd>
      </kwd-group>
    </article-meta>
  </front>
  <body>
    <sec id="sec1">
      <title>1. Introduction</title>
      <p>Digital technologies are evolving rapidly, making modern systems more interconnected and significantly reshaping cybersecurity [<xref ref-type="bibr" rid="B1">1</xref>]. While this transformation has improved efficiency and innovation, it has also intensified cyber threats such as ransomware, phishing, malware, and advanced persistent threats (APTs) [<xref ref-type="bibr" rid="B2">2</xref>]. Many of these attacks rely on automation and evasion techniques that traditional security tools—including signature-based detection systems, firewalls, and rule-based intrusion detection mechanisms—struggle to address effectively [<xref ref-type="bibr" rid="B3">3</xref>]. These conventional approaches are largely reactive, depend on known attack patterns, and often fail to detect zero-day attacks or adapt to evolving threats. In addition, Security Operations Centers (SOCs) face increasing challenges due to massive data volumes, which lead to slower response times, higher false-positive rates, and operational inefficiencies [<xref ref-type="bibr" rid="B4">4</xref>].</p>
      <p>To overcome these limitations, researchers have increasingly integrated artificial intelligence into cybersecurity systems [<xref ref-type="bibr" rid="B5">5</xref>]. Early AI-based approaches, particularly machine learning and deep learning techniques, improved anomaly detection capabilities [<xref ref-type="bibr" rid="B6">6</xref>]. However, these systems still function mainly as assistive tools that require human intervention for final decision-making. As cyber threats continue to evolve, there is a growing demand for intelligent systems capable of autonomous and real-time security operations [<xref ref-type="bibr" rid="B7">7</xref>]. This need has driven the emergence of Agentic AI, which represents a transition from reactive support tools toward autonomous systems capable of reasoning, adapting, and acting independently [<xref ref-type="bibr" rid="B8">8</xref>]. Agentic AI introduces capabilities such as autonomous decision-making, continuous learning, context awareness, and adaptive response mechanisms [<xref ref-type="bibr" rid="B9">9</xref>]. Recent studies demonstrate that these systems can improve detection accuracy, reduce response times, lower false positives, and automate incident response processes [<xref ref-type="bibr" rid="B10">10</xref>]. Examples include self-healing systems, autonomous threat-hunting frameworks, and cognitive SOCs that have shown substantial improvements in cybersecurity efficiency and resilience [<xref ref-type="bibr" rid="B11">11</xref>].</p>
      <p>The literature also reflects a broader shift from reactive defense models toward proactive and predictive cybersecurity strategies [<xref ref-type="bibr" rid="B12">12</xref>]. Agentic AI systems are increasingly capable of anticipating threats, dynamically adapting defenses, and responding autonomously in real time [<xref ref-type="bibr" rid="B13">13</xref>]. These advancements are supported by technologies such as reinforcement learning, deep neural networks, hybrid AI models, and multi-agent systems, which collectively improve the adaptability and robustness of cybersecurity frameworks [<xref ref-type="bibr" rid="B14">14</xref>]. Nevertheless, current research on Agentic AI in cybersecurity remains fragmented [<xref ref-type="bibr" rid="B15">15</xref>]. Many studies focus on isolated aspects such as threat detection, decision-making, or system architecture without presenting integrated frameworks that connect these components effectively [<xref ref-type="bibr" rid="B16">16</xref>]. Critical areas including recovery mechanisms, explainability, governance, and real-world deployment are often insufficiently addressed [<xref ref-type="bibr" rid="B17">17</xref>]. Furthermore, Agentic AI introduces additional security concerns, including adversarial attacks, data poisoning, and vulnerabilities in autonomous decision-making systems [<xref ref-type="bibr" rid="B18">18</xref>]. These challenges highlight the need for a comprehensive and structured review of Agentic AI frameworks in cybersecurity [<xref ref-type="bibr" rid="B19">19</xref>]. Accordingly, this paper examines recent developments in advanced threat detection and adaptive incident response systems [<xref ref-type="bibr" rid="B20">20</xref>], identifies key research trends and limitations, and highlights future directions for building more resilient, autonomous, and trustworthy cybersecurity frameworks.</p>
      <sec id="sec1dot1">
        <title>1.1. Research Gap</title>
        <p>Even though more researchers are turning their attention to agentic AI for cybersecurity, the work so far is all over the map. Most papers pick one narrow slice of the problem—say, how to detect a threat or how to launch a response—without connecting those pieces into a complete picture that covers the full arc of a security event. Recovery, for example, hardly ever gets mentioned in the same breath as detection and response. Another issue is that very few studies bother to test their systems in real, live environments. Simulations and theoretical models are fine up to a point, but they do not tell you much about how something will hold up when actual attackers are knocking on the door. On top of that, nobody has agreed on a common set of benchmarks, so comparing one agentic approach against another is next to impossible. Explainability tends to get glossed over, too, even though people need to understand why an autonomous system made a particular call, especially when the stakes are high. Governance and ethics are either missing entirely or treated as an afterthought. And perhaps most worrying, hardly anyone is looking at how to protect the agentic AI systems themselves from things like adversarial attacks, poisoned data, or someone messing with the model. Taken together, these gaps mean the field is not yet ready to build the kind of integrated, dependable, and practical systems that real security operations demand.</p>
      </sec>
      <sec id="sec1dot2">
        <title>1.2. Contributions</title>
        <p>This paper brings several new things to the table. First, it pulls together recent work on agentic AI in cybersecurity and organizes it around six main themes: automated threat detection, agent architectures, SOC automation, governance, adversarial risks, and human-focused threats like phishing. Second, it sorts through the evidence to show where agentic AI actually delivers—faster responses, better detection rates, fewer false alarms—and where the proof is still thin or mixed. Third, the paper offers a new conceptual diagram (<xref ref-type="fig" rid="fig1">Figure 1</xref>) that ties together agentic features, AI techniques, real-world applications, outcomes, and remaining research gaps, giving readers a single place to see the whole landscape. Fourth, it includes a side-by-side comparison table (<bold>Table 1</bold>) that makes it easy to spot which studies use AI techniques, which include decision mechanisms, and which have true agentic features, along with a clear note on each one’s limitations. Finally, the paper lays out a targeted list of what to tackle next: building systems that handle detection, response, and recovery together; testing at scale in live environments; creating standard benchmarks; making decisions easier to understand; setting up governance and ethics guardrails; defending the AI systems themselves from attack; and adapting agentic approaches for new, spread-out environments like IoT, cloud, and edge computing. Agentic AI represents a shift from reactive tools to systems that act autonomously, set goals, and make decisions with little human input. Once a theoretical concept, it is now being deployed across healthcare, cybersecurity, software engineering, and business. Researchers are examining both its potential benefits and risks. This paper surveys recent work on agentic AI, covering technical capabilities, security concerns, real-world applications, and evaluation methods.</p>
      </sec>
      <sec id="sec1dot3">
        <title>1.3. Scope and Operational Definitions</title>
        <p>In this review, agentic AI refers to AI systems capable of autonomous, goal-directed, and context-aware decision-making with limited human intervention. Adaptive incident response refers to security actions that are dynamically selected and adjusted according to the evolving threat context rather than following a fixed rule set. Decision mechanisms refer to the rules, models, or learning-based processes used by a system to select a security action. Agentic features refer to system characteristics such as autonomy, planning, memory, adaptability, real-time processing, and multi-agent coordination. Studies were classified as agentic if they explicitly described autonomous or semi-autonomous threat detection, adaptive response, reasoning, learning, or coordination in cybersecurity tasks; studies that used AI only as a support tool without autonomous action were not classified as agentic AI.</p>
      </sec>
      <sec id="sec1dot4">
        <title>1.4. Review Methods</title>
        <p>This paper used a structured review approach to explore recent research on Agentic AI in cybersecurity. Relevant studies were gathered from well-known academic databases such as IEEE Xplore, SpringerLink, ScienceDirect, Google Scholar, arXiv, SSRN, and MDPI. The search mainly focused on publications released between 2023 and 2026. To locate relevant work, several keywords and combinations were used, including “Agentic AI,” “autonomous cybersecurity,” “adaptive incident response,” “AI-driven threat detection,” “cognitive security agents,” “SOC automation,” and “autonomous cyber defense”. The review process was carried out in several steps. First, duplicate papers and studies unrelated to cybersecurity were removed after reviewing titles and abstracts. Then, the remaining papers were examined in full to determine whether they addressed autonomous or agent-based AI applications in cybersecurity. Finally, the selected studies were grouped and analyzed according to their contributions in areas such as threat detection, adaptive response, governance, adversarial risks, SOC automation, and agent architectures. Studies were included when they discussed autonomous AI techniques, adaptive defense systems, or agent-based cybersecurity frameworks. On the other hand, papers were excluded if they focused only on traditional AI methods without autonomous capabilities, lacked direct relevance to cybersecurity, or did not provide enough technical or experimental detail. The final group of studies was selected based on relevance, recency, research quality, and their contribution to the main themes covered in this review</p>
      </sec>
    </sec>
    <sec id="sec2">
      <title>2. Background</title>
      <p>As cyber threats grow more sophisticated by the day, traditional security tools often struggle to keep pace. That struggle has encouraged researchers to weave advanced artificial intelligence more deeply into cybersecurity work. This section walks through how AI has developed in this space, introduces the idea of agentic AI, and covers its key traits, detection methods, system designs, and role in handling security incidents. In the early days, security systems relied on fixed rules and known attack signatures, which meant they frequently missed brand new threats. Then machine learning came along, offering the ability to spot patterns across huge datasets, and deep learning later made it possible to handle messy, real world information like network logs. Still, most of these systems required a person to make the final judgment call. That missing piece—full autonomy—is what opened the door for agentic AI [<xref ref-type="bibr" rid="B2">2</xref>][<xref ref-type="bibr" rid="B3">3</xref>][<xref ref-type="bibr" rid="B5">5</xref>]. Agentic AI refers to systems that can act independently, weigh different options, and take steps toward a goal without needing constant human guidance. In cybersecurity, this means they can spot threats, assess the situation, and react instantly, unlike older tools that simply follow preset instructions [<xref ref-type="bibr" rid="B2">2</xref>][<xref ref-type="bibr" rid="B3">3</xref>]. The main characteristics include operating without human input, learning from earlier events, running in real time, understanding context, letting multiple agents work together, and pursuing well defined objectives such as minimizing damage from an attack [<xref ref-type="bibr" rid="B2">2</xref>][<xref ref-type="bibr" rid="B6">6</xref>][<xref ref-type="bibr" rid="B8">8</xref>]. When it comes to spotting threats, these systems rely on a mix of approaches. They use machine learning to detect unusual behavior, deep learning to sift through enormous volumes of data, reinforcement learning to improve based on past outcomes, and GANs to run attack simulations. They also combine different models or set up multi agent teams to catch what a single method might miss [<xref ref-type="bibr" rid="B1">1</xref>][<xref ref-type="bibr" rid="B4">4</xref>][<xref ref-type="bibr" rid="B16">16</xref>]. Rather than sticking to rigid, prewritten response plans, Agentic AI crafts its actions based on the specific attack it sees. These actions might involve isolating infected machines, blocking malicious traffic, adjusting firewall rules, or launching recovery procedures on their own [<xref ref-type="bibr" rid="B1">1</xref>][<xref ref-type="bibr" rid="B6">6</xref>][<xref ref-type="bibr" rid="B10">10</xref>]. There are generally three levels of autonomy. In a human in the loop setup, the AI makes suggestions, but people still make the final decisions. With humans on the loop, the AI acts independently while people monitor from a distance. And in fully autonomous mode, the AI handles everything alone, from detection to response [<xref ref-type="bibr" rid="B2">2</xref>][<xref ref-type="bibr" rid="B8">8</xref>][<xref ref-type="bibr" rid="B14">14</xref>]. Cognitive autonomy takes this a step further. Here, AI agents can examine their environment, reason through complicated situations, and make smart decisions without outside help. They blend perception, learning, memory, and decision making to understand the bigger picture and choose effective responses [<xref ref-type="bibr" rid="B3">3</xref>][<xref ref-type="bibr" rid="B7">7</xref>]. As for system designs, common architectures include simple rule based systems which are easy to build but inflexible alongside machine learning based designs, deep learning based designs, hybrid models that combine multiple techniques, and multi agent setups where several agents coordinate their efforts [<xref ref-type="bibr" rid="B5">5</xref>][<xref ref-type="bibr" rid="B14">14</xref>]. Finally, agentic AI speeds up incident management by automating detection, response, and recovery. It catches threats as they unfold, studies attack patterns on the fly, acts without delay, and helps bring systems back online much faster than traditional methods [<xref ref-type="bibr" rid="B6">6</xref>][<xref ref-type="bibr" rid="B9">9</xref>][<xref ref-type="bibr" rid="B19">19</xref>]. With agentic AI, systems can run on their own, think through difficult objectives, and act without much human oversight [<xref ref-type="bibr" rid="B21">21</xref>]. Unlike older AI that simply reacts, Agentic AI plans and adjusts as needed, working like a teammate or an independent operator [<xref ref-type="bibr" rid="B22">22</xref>]. Lately, studies have looked at what this technology can do and what might go wrong in medicine [<xref ref-type="bibr" rid="B23">23</xref>] cybersecurity [<xref ref-type="bibr" rid="B24">24</xref>] software development [<xref ref-type="bibr" rid="B25">25</xref>] and business systems [<xref ref-type="bibr" rid="B26">26</xref>]. This paper brings together current findings on agentic AI, covering what it promises technically [<xref ref-type="bibr" rid="B27">27</xref>], where security issues arise [<xref ref-type="bibr" rid="B28">28</xref>], how it is used across fields [<xref ref-type="bibr" rid="B29">29</xref>], and new ways to assess it [<xref ref-type="bibr" rid="B30">30</xref>]. Our goal is to give a broad picture of the remaining hurdles and how to build agentic AI that people can trust.</p>
    </sec>
    <sec id="sec3">
      <title>3. Related Works</title>
      <p>More researchers are looking into how agentic AI can help with cybersecurity, especially for spotting threats and handling incidents. This review groups recent studies into six themes. Sheth and his team [<xref ref-type="bibr" rid="B1">1</xref>] built a self-healing security framework where agentic AI handles detection and response on its own. It caught 96.8% of threats, recovered 75% faster, and cut downtime by 60%. In another paper [<xref ref-type="bibr" rid="B4">4</xref>], they designed a threat hunting system using neural networks that hit 98.2% accuracy and a 97.1% F1-score on standard datasets. Hattali [<xref ref-type="bibr" rid="B15">15</xref>] showed how adaptive AI stops ransomware, phishing, and zero-day attacks in real time across finance, healthcare, and defense. Lazer <italic>et al.</italic> [<xref ref-type="bibr" rid="B2">2</xref>] said agentic AI goes beyond basic generative models by reasoning, planning, and adapting over time. They covered both defense uses and offensive risks. Adabara <italic>et al.</italic> [<xref ref-type="bibr" rid="B3">3</xref>] reviewed goal-driven agentic AI with cognitive architectures and reinforcement learning, looking at neuromorphic hardware, hybrid defense, and cross-border governance. Another survey by the same group [<xref ref-type="bibr" rid="B5">5</xref>] focused on reasoning, memory, and planning, noting that fixed rules do not work well against changing threats. Sugumar [<xref ref-type="bibr" rid="B5">5</xref>] proposed a next-generation SOC built on multiple cognitive agents that use deep learning, reinforcement learning, and knowledge graphs. It did better than standard SIEM tools. Kshetri [<xref ref-type="bibr" rid="B8">8</xref>] found that agentic AI can automate SOC tasks and boost efficiency, but also creates new weak spots. Adeyemi [<xref ref-type="bibr" rid="B9">9</xref>] systematically reviewed AI-led response systems, highlighting machine learning and NLP for finding anomalies while raising questions about openness and accountability. Indranil [<xref ref-type="bibr" rid="B6">6</xref>] created a Cognitive Trust Architecture that updates trust levels on the fly based on behavior, intent, and context, and also models adversarial moves. Evani [<xref ref-type="bibr" rid="B7">7</xref>] put together a security framework for agentic AI with layered risk controls, dynamic trust scores, and explainable decisions. Malatji [<xref ref-type="bibr" rid="B13">13</xref>] matched different AI agent types to the NIST Cybersecurity Framework 2.0 to help organizations pick the right one. Chakrabarty [<xref ref-type="bibr" rid="B10">10</xref>] looked at how attackers target agentic AI systems, pointing to risks from system complexity and broad access rights, and proposed multi-layered defense. Balassone <italic>et al.</italic> [<xref ref-type="bibr" rid="B17">17</xref>] ran capture-the-flag tests with autonomous agents and found that defenders lost their advantage when real-world limits were added. Datta <italic>et al.</italic> [<xref ref-type="bibr" rid="B19">19</xref>] examined security risks in LLM-powered agentic AI, offering a threat classification and reviewing defense methods. Mustafa [<xref ref-type="bibr" rid="B12">12</xref>] used agentic AI with NLP, behavior analysis, and reinforcement learning to spot and stop phishing and vishing attacks. It outperformed traditional methods in accuracy and false alarms. Tallam [<xref ref-type="bibr" rid="B11">11</xref>] discussed how agentic and frontier AI are reshaping defense against advanced persistent threats, pushing for real-time monitoring and ethical oversight. Hernández-Rivas [<xref ref-type="bibr" rid="B14">14</xref>] looked at machine learning for catching advanced threats early, pointing to problems like models growing stale and attackers adapting. Molina <italic>et al.</italic> [<xref ref-type="bibr" rid="B16">16</xref>] reviewed 22 studies on AI-powered threat response and listed seven major challenges. Kotte [<xref ref-type="bibr" rid="B18">18</xref>] compared autonomous AI with traditional security, noting better speed and accuracy but also transparency headaches. Research on agentic AI shows strong potential but spotty real-world proof. Salehi <italic>et al.</italic> [<xref ref-type="bibr" rid="B21">21</xref>] found that while agentic AI works well for tasks like image segmentation in neuroradiology, clinical evidence still lags behind lab results. Leo <italic>et al.</italic> [<xref ref-type="bibr" rid="B22">22</xref>] proposed a trust-based risk framework for security, shifting focus from threats to verifiable agent behavior. Li <italic>et al.</italic> [<xref ref-type="bibr" rid="B23">23</xref>] introduced “in silico team science,” where multi-agent systems run experiments and crunch omics data on their own. On the theory side, Floridi <italic>et al.</italic> [<xref ref-type="bibr" rid="B25">25</xref>] rolled out Agentic AI Optimization (AAIO), separating optimization done by agents from optimization done to them. Olujimi <italic>et al.</italic> [<xref ref-type="bibr" rid="B26">26</xref>] mapped research trends in small businesses, spotting gaps tied to limited resources. Hasan <italic>et al.</italic> [<xref ref-type="bibr" rid="B27">27</xref>] showed that current testing methods miss many emergent agent behaviors. Dholakia <italic>et al.</italic> [<xref ref-type="bibr" rid="B28">28</xref>] argued that old-school metrics don’t work for goal-driven systems. </p>
      <sec id="sec3dot1">
        <title>Cross-Domain Applications</title>
        <p>Drawing on studies from neuroradiology, biomedical research, psychiatry, cybersecurity, software testing, entrepreneurship, and religious tourism, research offer a cross-sector look at current challenges and pathways toward trustworthy deployment. Sharma <italic>et al.</italic> [<xref ref-type="bibr" rid="B24">24</xref>] laid out a roadmap for psychiatric care, weighing round-the-clock monitoring against safety and bias concerns. Al-Bashrawi <italic>et al.</italic> [<xref ref-type="bibr" rid="B29">29</xref>] explored how founders and AI agents can work together to spark innovation. Lastly, Khamis [<xref ref-type="bibr" rid="B30">30</xref>] built and tested a working agentic system for Umrah travel planning, proving that multiple sub-agents can handle logistics, user preferences, and real-time changes in a service setting. <bold>Table 1</bold> summarizes recent literature on agentic AI in cybersecurity. Most studies use AI techniques and agentic features, but only about half include decision-making mechanisms. Common gaps include poor transparency, little focus on recovery processes, and too much theory over practice. While a few works stand out, the field still needs better explainability, recovery methods, and real-world testing.</p>
        <p><bold>Table 1.</bold> Summary of related studies: limitations, features, and contributions.</p>
        <table-wrap id="tbl1">
          <label>Table 1</label>
          <table>
            <tbody>
              <tr>
                <td>Ref</td>
                <td>Year</td>
                <td>KeyContribution</td>
                <td>Agentic-AITechniques</td>
                <td>DecisionMechanisms</td>
                <td>AgenticFeatures</td>
                <td>Limitation/Gaps</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B1">1</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Self-healing security framework with autonomous detection and adaptation</td>
                <td>✓</td>
                <td>✗</td>
                <td>✓</td>
                <td>Lacks transparency in decision-making</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B2">2</xref>
                  ]
                </td>
                <td>2026</td>
                <td>Highlights key agentic AI principles for cybersecurity</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>No specific cybersecurity techniques discussed</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B3">3</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Reviews ML techniques for attack prediction and identification</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Needs to address how agentic AI empowers cybersecurity</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B4">4</xref>
                  ]
                </td>
                <td>2025</td>
                <td>AI-driven autonomous threat hunting using ML and deep RL</td>
                <td>✓</td>
                <td>✗</td>
                <td>✓</td>
                <td>Lacks decision-making transparency</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B5">5</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Reviews defense architectures and governance innovations</td>
                <td>✓</td>
                <td>✓</td>
                <td>✗</td>
                <td>Needs simpler, more accessible introduction</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B6">6</xref>
                  ]
                </td>
                <td>2024</td>
                <td>Cognitive AI agents for faster threat identification</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Needs extension into explainable agentic AI</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B7">7</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Stakeholder perspectives on AI dependability in QA processes</td>
                <td>✗</td>
                <td>✗</td>
                <td>✗</td>
                <td>More managerial than technical</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B8">8</xref>
                  ]
                </td>
                <td>Preprint</td>
                <td>Security framework with risk governance, trust scoring, and explainable pipelines</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Fig. 3 needs layer numbering</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B9">9</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Explores agentic AI for emerging cyber threats</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Recovery mechanisms not mentioned</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B10">10</xref>
                  ]
                </td>
                <td>2023</td>
                <td>PRISMA-based review of AI-driven autonomous response systems</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>None</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B11">11</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Analyzes adversarial attacks on agentic AI systems</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Proposed model needs more detail</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B12">12</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Agentic and frontier AI for APT defense with ethical governance</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Recovery mechanisms not mentioned</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B13">13</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Agentic AI as proactive sentinel against social engineering</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Experimental sample needs expansion</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B14">14</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Aligns AI agent architectures with NIST CSF 2.0</td>
                <td>✗</td>
                <td>✓</td>
                <td>✓</td>
                <td>Focuses on “agent” not “agentic”; agentic only theoretical</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B15">15</xref>
                  ]
                </td>
                <td>2024</td>
                <td>ML techniques for APT detection and mitigation</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>None</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B16">16</xref>
                  ]
                </td>
                <td>2024</td>
                <td>Adaptive AI for autonomous decision-making and self-learning</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Implicitly addresses agentic AI, not explicitly</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B17">17</xref>
                  ]
                </td>
                <td>2024</td>
                <td>Broad survey of AI-driven threat response systems (22 studies)</td>
                <td>✗</td>
                <td>✗</td>
                <td>✗</td>
                <td>Not focused on agentic AI specifically</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B18">18</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Evaluates AI agents in dynamic cybersecurity environments</td>
                <td>✗</td>
                <td>✓</td>
                <td>✓</td>
                <td>Recovery addressed via cybersecurity AI, not agentic AI</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B19">19</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Autonomous AI agents for proactive threat detection and response</td>
                <td>✓</td>
                <td>✓</td>
                <td>✓</td>
                <td>Recovery using autonomous AI agents included ✓</td>
              </tr>
              <tr>
                <td>
                  [
                  <xref ref-type="bibr" rid="B20">20</xref>
                  ]
                </td>
                <td>2025</td>
                <td>Threat taxonomy, benchmarks, and defenses for agentic AI</td>
                <td>✓</td>
                <td>✓</td>
                <td>✗</td>
                <td>Lacks comprehensive architectural perspective</td>
              </tr>
            </tbody>
          </table>
        </table-wrap>
        <fig id="fig1">
          <label>Figure 1</label>
          <graphic xlink:href="https://html.scirp.org/file/7801235-rId13.jpeg?20260630110616" />
        </fig>
        <p><bold>Figure 1.</bold> Agentic AI in Cybersecurity: Framework, Outcomes, and Research Gaps.</p>
        <p><xref ref-type="fig" rid="fig1">Figure 1</xref> outlines how Agentic AI works in cybersecurity. It starts with key features like autonomy and continuous learning, which feed into AI techniques such as machine and reinforcement learning. These techniques enable applications including threat detection, incident response, and SOC automation. The outcomes are better accuracy, faster responses, fewer false alarms, and stronger resilience. The bottom section lists six research gaps, such as limited real-world testing, missing recovery mechanisms, and no standard benchmarks. The figure offers a clear snapshot of where Agentic AI stands today and what still needs work.</p>
      </sec>
    </sec>
    <sec id="sec4">
      <title>4. Findings</title>
      <p>When you line up the selected studies and compare them, one thing becomes obvious: Agentic AI is shaping up to be the next big step forward in cybersecurity. Across all the research, these systems aren’t just designed to detect trouble. They watch, reason, make choices, take action, and adjust as things change, all with very little need for a human to step in. You see this playing out in self-healing networks, autonomous threat hunting, automation inside security operations centers, and response frameworks that adapt on the fly [<xref ref-type="bibr" rid="B1">1</xref>][<xref ref-type="bibr" rid="B4">4</xref>][<xref ref-type="bibr" rid="B6">6</xref>][<xref ref-type="bibr" rid="B16">16</xref>][<xref ref-type="bibr" rid="B19">19</xref>]. A lot of the studies highlight serious improvements when it comes to autonomous detection and response. Agentic AI systems can keep an eye on things in real time, identify threats entirely on their own, and kick off responses without waiting for a person to give the go‑ahead. That slashes the workload for human teams and makes incident handling much faster, especially in high‑pressure situations where every second counts [<xref ref-type="bibr" rid="B1">1</xref>][<xref ref-type="bibr" rid="B6">6</xref>][<xref ref-type="bibr" rid="B19">19</xref>]. One trait that shows up repeatedly is continuous improvement. These systems lean on machine learning, deep learning, reinforcement learning, and feedback loops to get better as time goes on. That ability lets them adapt to fresh attack techniques and catch threats no one has seen before, something static, rule‑based tools just cannot do [<xref ref-type="bibr" rid="B4">4</xref>][<xref ref-type="bibr" rid="B17">17</xref>]. Several studies also point to a clear move away from being reactive and toward being proactive. Older methods basically sit around waiting for an attack to land. Agentic AI flips that script. It helps forecast threats, go out and hunt them down ahead of time, and tweak defenses on the fly. The result is stronger overall resilience and less damage when something does slip through [<xref ref-type="bibr" rid="B9">9</xref>][<xref ref-type="bibr" rid="B17">17</xref>]. Beyond just how well these systems perform, quite a few papers dig into ethics and control. People keep coming back to explainability, accountability, and transparency, especially around how decisions get made and how to roll these systems out in a responsible way [<xref ref-type="bibr" rid="B2">2</xref>][<xref ref-type="bibr" rid="B3">3</xref>][<xref ref-type="bibr" rid="B8">8</xref>]. Of course, Agentic AI also brings brand new problems. Researchers point to vulnerabilities like adversarial attacks, data poisoning, and outright misuse. Trust failures, misalignment between goals, and weak control mechanisms also show up as serious concerns that still need fixing [<xref ref-type="bibr" rid="B2">2</xref>][<xref ref-type="bibr" rid="B11">11</xref>]. Looking at what gets the most attention, most studies zero in on detection techniques, adaptive learning, autonomous response, and building conceptual or architectural frameworks. Those are the parts of the field that are most mature right now. But there are also some notable gaps. Real‑world testing is pretty scarce. A lot of papers rely on simulations or theoretical ideas instead of live deployments. Governance tends to get tacked on at the end rather than built into the design from the start. Human-centered security, recovery mechanisms, and system resilience get spotty coverage at best. And without standard ways to measure performance, comparing one approach to another remains really difficult. So the bottom line is this: Agentic AI is changing cybersecurity by bringing more independence, adaptability, and smarter responses. But to make it work in actual, real-world environments, the field needs implementations that are more complete, better tested, and more secure. </p>
      <sec id="sec4dot1">
        <title>Evidence Strength of Reported Performance Benefits</title>
        <p>The literature frequently reports benefits of Agentic AI in cybersecurity, particularly in terms of detection accuracy, response speed, and false-alarm reduction. However, the level of evidence supporting these outcomes varies across studies.</p>
        <p>1) Detection Accuracy:</p>
        <p>Claims regarding improved detection accuracy are supported primarily by a limited number of empirical case studies rather than by broad validation across the literature. For example, Sheth <italic>et al.</italic> [<xref ref-type="bibr" rid="B1">1</xref>] reported a threat detection rate of 96.8%, while autonomous threat-hunting work achieved approximately 98.2% accuracy and a 97.1% F1-score [<xref ref-type="bibr" rid="B4">4</xref>]. Similarly, Mustafa [<xref ref-type="bibr" rid="B12">12</xref>] observed improved performance in phishing detection compared with conventional approaches. Although these findings suggest strong potential, evidence currently comes from a relatively small number of isolated implementations and simulation-based evaluations rather than consistent large-scale validation across multiple independent studies.</p>
        <p>2) Response Time:</p>
        <p>Faster incident response appears to be one of the most consistently discussed benefits in literature. Multiple studies [<xref ref-type="bibr" rid="B1">1</xref>][<xref ref-type="bibr" rid="B6">6</xref>][<xref ref-type="bibr" rid="B8">8</xref>][<xref ref-type="bibr" rid="B18">18</xref>][<xref ref-type="bibr" rid="B19">19</xref>] argue that autonomous decision-making and SOC automation reduce delays in incident handling and improve operational efficiency. However, only a subset of these studies provides quantitative performance measurements, while many rely on conceptual frameworks or theoretical discussions. Therefore, evidence for response-time improvement can be viewed as a repeated finding across several papers, although quantitative validation remains limited.</p>
        <p>3) False Alarm Reduction:</p>
        <p>The literature provides weaker evidence regarding reductions in false alarms or false positives. Only a few studies, such as autonomous threat-hunting frameworks and social engineering detection systems [<xref ref-type="bibr" rid="B4">4</xref>][<xref ref-type="bibr" rid="B13">13</xref>], explicitly report improvements in false-positive behavior. Most studies mention this benefit conceptually without presenting measurable results. Consequently, claims regarding false-alarm reduction remain largely conceptual arguments supported by limited empirical evidence.</p>
        <p>Overall, while Agentic AI demonstrates promising performance outcomes, current evidence remains uneven. Improvements in response speed are supported across multiple studies, whereas gains in accuracy and false-alarm reduction rely more heavily on isolated case studies and simulation-based results. More standardized benchmarks and large-scale real-world validation are required before general conclusions can be established.</p>
      </sec>
    </sec>
    <sec id="sec5">
      <title>5. Discussion</title>
      <p>The findings of this review indicate that Agentic AI is fundamentally transforming cybersecurity by shifting it from traditional reactive, rule-based mechanisms toward more autonomous, adaptive, and intelligent defense systems. This transition reflects the increasing complexity, speed, and sophistication of modern cyber threats, which require security solutions capable of operating beyond static predefined rules. One of the most significant observations concerns the growing emphasis on autonomous detection and response capabilities. Agentic AI systems are increasingly designed to monitor environments, identify threats, and initiate responses with minimal human intervention, thereby reducing response delays and alleviating the operational burden on Security Operations Center (SOC) teams. However, despite these advancements, fully autonomous cybersecurity remains an evolving objective rather than a fully realized reality, as many current systems still rely on varying degrees of human supervision and validation.</p>
      <p>Another major finding is the critical role of adaptive learning technologies, including machine learning, deep learning, and reinforcement learning, in enabling continuous system improvement over time. These approaches address one of the primary limitations of conventional rule-based security tools by allowing systems to adapt dynamically to emerging threats and changing attack patterns. Nevertheless, the effectiveness of such adaptive mechanisms heavily depends on the availability of high-quality data, reliable model training, and bias mitigation strategies. Weaknesses in data quality, model robustness, or fairness can undermine trust in AI-driven decisions and negatively affect operational reliability.</p>
      <p>The review also highlights the important shift from reactive cybersecurity toward proactive defense strategies. Agentic AI systems have demonstrated strong potential in predicting threats, identifying vulnerabilities, and mitigating attacks before they fully materialize. While this capability represents a major advancement in cyber defense, accurate predictive performance requires robust datasets, advanced modeling techniques, and continuous validation processes—requirements that are not comprehensively addressed in many existing studies. Consequently, the gap between theoretical potential and operational deployment remains significant.</p>
      <p>Governance, transparency, and trust emerged as equally critical considerations. As cybersecurity systems gain greater autonomy, explainability and accountability become essential requirements rather than optional enhancements. Organizations operating in high-risk environments may hesitate to adopt fully autonomous systems without clear ethical guidelines, governance frameworks, and mechanisms for transparent decision-making. Technical performance alone is insufficient to ensure acceptance; responsible deployment also requires balancing automation with ethical oversight and human accountability.</p>
      <p>Furthermore, the review emphasizes that the same characteristics that make Agentic AI highly effective also introduce new vulnerabilities. Autonomous systems themselves may become targets of adversarial attacks, data poisoning, or model manipulation, making AI security an essential component of cybersecurity research. Protecting the AI infrastructure is therefore just as important as protecting the systems and networks it is designed to defend.</p>
      <p>Another important observation is the persistent gap between conceptual research and real-world implementation. Although many studies propose sophisticated architectures and theoretical frameworks, relatively few provide evidence from large-scale operational deployments or real-world testing environments. This limitation highlights the need for standardized evaluation metrics, benchmarking frameworks, and practical validation studies capable of assessing the reliability, scalability, and effectiveness of Agentic AI systems under realistic attack conditions.</p>
      <p>Overall, Agentic AI should not be viewed merely as an incremental improvement over traditional artificial intelligence approach. Rather, it represents a fundamental paradigm shift that combines autonomy, adaptability, and intelligent decision-making within cybersecurity operations. A hybrid human-AI collaboration model appears to offer the most practical and balanced approach for future deployment. In such environments, AI systems can efficiently manage routine monitoring, detection, and response activities, while human experts maintain strategic oversight, ethical judgment, and crisis management responsibilities. Although Agentic AI can rapidly process large volumes of data and recommend appropriate responses, exclusive reliance on autonomous decision-making may introduce ethical concerns and operational risks. Human cybersecurity professionals remain essential for handling complex incidents that require contextual understanding, strategic reasoning, and ethical evaluation. Therefore, the future of cybersecurity will likely depend on achieving an effective balance between the speed and scalability of AI-driven automation and the critical oversight provided by human expertise.</p>
      <sec id="sec5dot1">
        <title>Limitations</title>
        <p>Vulnerable to adversarial attacks and data poisoning, Risks of model manipulation and system misuse, Lack of explainability and transparency, Governance, trust, and accountability issues, Limited real-world validation.</p>
      </sec>
    </sec>
    <sec id="sec6">
      <title>6. Conclusions</title>
      <p>This paper examined the evolution of Agentic AI frameworks in cybersecurity, with particular emphasis on advanced threat detection and adaptive response mechanisms. The review demonstrates that Agentic AI represents a significant transition from traditional reactive security models toward more autonomous, adaptive, and intelligent cybersecurity systems. By integrating real-time monitoring, continuous learning, and autonomous decision-making, these frameworks enhance both the speed and effectiveness of cybersecurity operations. The findings indicate that Agentic AI improves detection accuracy, reduces response time, and supports proactive defense strategies against evolving cyber threats.</p>
      <p>Despite these advantages, the current body of research remains fragmented, with limited real-world validation and considerable variation in system autonomy levels. Furthermore, important aspects such as recovery mechanisms, governance, transparency, and explainability are often insufficiently addressed. Therefore, although Agentic AI offers substantial potential, its practical implementation is still in a developmental stage. More importantly, Agentic AI should not be viewed merely as an extension of conventional AI techniques, but rather as a transformative paradigm that combines autonomy, adaptability, and intelligent response within cybersecurity environments.</p>
      <p>Consequently, Agentic AI is expected to play a central role in shaping future cyber resilience. However, realizing this potential requires further research toward developing integrated, secure, transparent, and trustworthy systems that balance technological advancement with ethical considerations and human oversight. In conclusion, Agentic AI provides a promising pathway toward more resilient and proactive cybersecurity frameworks, but its long-term success depends on addressing current technical, operational, and governance challenges.</p>
    </sec>
    <sec id="sec7">
      <title>7. Future Work</title>
      <p>The limitations identified in this review highlight several important directions for future research. Current studies often focus on isolated tasks such as threat detection or response management, with limited integration of recovery mechanisms into unified security frameworks. Future work should therefore emphasize end-to-end architectures capable of managing the entire cybersecurity lifecycle. In addition, more large-scale real-world evaluations are needed to validate the reliability and adaptability of Agentic AI systems under diverse attack scenarios. Establishing standardized benchmarks for measuring detection accuracy, response speed, resilience, and autonomy is also essential for fair comparison across approaches.</p>
      <p>As Agentic AI systems become increasingly autonomous, enhancing explainability and transparency will be critical to improving user trust and understanding of system decisions. Future research should also address ethical governance, human oversight, and accountability to ensure responsible deployment in high-risk environments. Moreover, stronger protection mechanisms are required to defend Agentic AI systems against adversarial attacks, poisoned data, and model manipulation. Hybrid human-AI collaboration models, where AI handles routine operations while humans supervise strategic decisions, represent another promising direction. Finally, emerging environments such as IoT, cloud computing, and edge infrastructures provide valuable opportunities for developing adaptive and decentralized AI-driven cybersecurity solutions.</p>
    </sec>
  </body>
  <back>
    <ref-list>
      <title>References</title>
      <ref id="B1">
        <label>1.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Sheth, A., Achanta, A., Matam, P., Patel, A., Sharma, P., Janapareddy, N.V.P., <italic>et al</italic>. (2025) AI Driven Self-Healing Cybersecurity Systems with Agentic AI for Adaptive Threat Response and Resilience. 2025 <italic>IEEE Cloud Summit</italic>, Washington, 26-27 June 2025, 147-153. https://doi.org/10.1109/cloud-summit64795.2025.00030 <pub-id pub-id-type="doi">10.1109/cloud-summit64795.2025.00030</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1109/cloud-summit64795.2025.00030">https://doi.org/10.1109/cloud-summit64795.2025.00030</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Sheth, A.</string-name>
              <string-name>Achanta, A.</string-name>
              <string-name>Matam, P.</string-name>
              <string-name>Patel, A.</string-name>
              <string-name>Sharma, P.</string-name>
              <string-name>Janapareddy, N.V.P.</string-name>
              <string-name>Summit, W</string-name>
            </person-group>
            <year>2025</year>
            <article-title>AI Driven Self-Healing Cybersecurity Systems with Agentic AI for Adaptive Threat Response and Resilience</article-title>
            <source>2025 IEEE Cloud Summit</source>
            <volume>26</volume>
            <pub-id pub-id-type="doi">10.1109/cloud-summit64795.2025.00030</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B2">
        <label>2.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Lazer, S.J., Aryal, K., Gupta, M. and Bertino, E. (2026) A Survey of Agentic AI and Cyber-Security: Challenges, Opportunities and Use-Case Prototypes. arXiv: 2601.05293.</mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Lazer, S.J.</string-name>
              <string-name>Aryal, K.</string-name>
              <string-name>Gupta, M.</string-name>
              <string-name>Bertino, E.</string-name>
              <string-name>Challenges, O</string-name>
            </person-group>
            <year>2026</year>
            <article-title>A Survey of Agentic AI and Cyber-Security: Challenges, Opportunities and Use-Case Prototypes</article-title>
            <fpage>2601</fpage>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B3">
        <label>3.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Adabara, I., Olaniyi Sadiq, B., Nuhu Shuaibu, A., Ibarahim Danjuma, Y. and Venkateswarlu, M. (2025) A Review of Agentic AI in Cybersecurity: Cognitive Autonomy, Ethical Governance, and Quantum-Resilient Defense. <italic>F</italic>1000 <italic>Research</italic>, 14, Article No. 843. https://doi.org/10.12688/f1000research.169337.1 <pub-id pub-id-type="doi">10.12688/f1000research.169337.1</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.12688/f1000research.169337.1">https://doi.org/10.12688/f1000research.169337.1</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Adabara, I.</string-name>
              <string-name>Sadiq, B.</string-name>
              <string-name>Shuaibu, A.</string-name>
              <string-name>Danjuma, Y.</string-name>
              <string-name>Venkateswarlu, M.</string-name>
              <string-name>Autonomy, E</string-name>
            </person-group>
            <year>2025</year>
            <article-title>A Review of Agentic AI in Cybersecurity: Cognitive Autonomy, Ethical Governance, and Quantum-Resilient Defense</article-title>
            <source>F1000Research</source>
            <volume>14</volume>
            <elocation-id>No</elocation-id>
            <pub-id pub-id-type="doi">10.12688/f1000research.169337.1</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B4">
        <label>4.</label>
        <citation-alternatives>
          <mixed-citation publication-type="confproc">Sheth, A., Patel, A., Upadhyay, C., Ragothaman, H., Patil, B. and Udayakumar, S.K. (2025) Agentic AI for Autonomous Cyber Threat Hunting and Adaptive Defense in Dynamic Security Environments. 2025 <italic>IEEE International Conference on Electro Information Technology</italic> ( <italic>eIT</italic>), Valparaiso, 29-31 May 2025, 316-321. https://doi.org/10.1109/eit64391.2025.11103697 <pub-id pub-id-type="doi">10.1109/eit64391.2025.11103697</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1109/eit64391.2025.11103697">https://doi.org/10.1109/eit64391.2025.11103697</ext-link></mixed-citation>
          <element-citation publication-type="confproc">
            <person-group person-group-type="author">
              <string-name>Sheth, A.</string-name>
              <string-name>Patel, A.</string-name>
              <string-name>Upadhyay, C.</string-name>
              <string-name>Ragothaman, H.</string-name>
              <string-name>Patil, B.</string-name>
              <string-name>Udayakumar, S.K.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Agentic AI for Autonomous Cyber Threat Hunting and Adaptive Defense in Dynamic Security Environments</article-title>
            <source>2025 IEEE International Conference on Electro Information Technology (eIT)</source>
            <volume>29</volume>
            <pub-id pub-id-type="doi">10.1109/eit64391.2025.11103697</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B5">
        <label>5.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Sugumar, R. (2024) Next-Generation Security Operations Center (SOC) Resilience: Autonomous Detection and Adaptive Incident Response Using Cognitive AI Agents. <italic>International Journal of Technology</italic>, <italic>Management and Humanities</italic>, 10, 62-76.</mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Sugumar, R.</string-name>
              <string-name>Technology, M</string-name>
            </person-group>
            <year>2024</year>
            <article-title>Next-Generation Security Operations Center (SOC) Resilience: Autonomous Detection and Adaptive Incident Response Using Cognitive AI Agents</article-title>
            <source>International Journal of Technology</source>
            <volume>10</volume>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B6">
        <label>6.</label>
        <citation-alternatives>
          <mixed-citation publication-type="web">Indranil, K. (2025) Cognitive Trust Architecture for Mitigating Agentic AI Threats: Adaptive Reasoning and Resilient Cyber Defense. https://philpapers.org/rec/KUMCTA</mixed-citation>
          <element-citation publication-type="web">
            <person-group person-group-type="author">
              <string-name>Indranil, K.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Cognitive Trust Architecture for Mitigating Agentic AI Threats: Adaptive Reasoning and Resilient Cyber Defense</article-title>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B7">
        <label>7.</label>
        <citation-alternatives>
          <mixed-citation publication-type="web">Evani, P.K. (2025) Agentic AI Security: A Control Framework for Autonomous Decision-Making Systems. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=5332681</mixed-citation>
          <element-citation publication-type="web">
            <person-group person-group-type="author">
              <string-name>Evani, P.K.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Agentic AI Security: A Control Framework for Autonomous Decision-Making Systems</article-title>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B8">
        <label>8.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Kshetri, N. (2025) Transforming Cybersecurity with Agentic AI to Combat Emerging Cyber Threats. <italic>Telecommunications Policy</italic>, 49, Article ID: 102976.</mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Kshetri, N.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Transforming Cybersecurity with Agentic AI to Combat Emerging Cyber Threats</article-title>
            <source>Telecommunications Policy</source>
            <volume>49</volume>
            <fpage>102976</fpage>
            <elocation-id>ID</elocation-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B9">
        <label>9.</label>
        <citation-alternatives>
          <mixed-citation publication-type="web">Adeyemi, D.S. (2023) Autonomous Response Systems in Cybersecurity: A Systematic Review of AI-Driven Automation Tools. <italic>Communication in Physical Sciences</italic>, 9, 878-898. https://journalcps.com/index.php/volumes/article/view/696/709</mixed-citation>
          <element-citation publication-type="web">
            <person-group person-group-type="author">
              <string-name>Adeyemi, D.S.</string-name>
            </person-group>
            <year>2023</year>
            <article-title>Autonomous Response Systems in Cybersecurity: A Systematic Review of AI-Driven Automation Tools</article-title>
            <source>Communication in Physical Sciences</source>
            <volume>9</volume>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B10">
        <label>10.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Kishore Chakrabarty, P. (2025) Adversarial Attacks on Agentic AI Systems: Mechanisms, Impacts, and Defense Strategies. <italic>International Journal of Science and Research</italic>( <italic>IJSR</italic>), 14, 1367-1369. https://doi.org/10.21275/sr25417074844 <pub-id pub-id-type="doi">10.21275/sr25417074844</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.21275/sr25417074844">https://doi.org/10.21275/sr25417074844</ext-link></mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Chakrabarty, P.</string-name>
              <string-name>Mechanisms, I</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Adversarial Attacks on Agentic AI Systems: Mechanisms, Impacts, and Defense Strategies</article-title>
            <source>International Journal of Science and Research (IJSR)</source>
            <volume>14</volume>
            <pub-id pub-id-type="doi">10.21275/sr25417074844</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B11">
        <label>11.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Tallam, K. (2025) Transforming Cyber Defense: Harnessing Agentic and Frontier AI for Proactive, Ethical Threat Intelligence. arXiv: 2503.00164.</mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Tallam, K.</string-name>
              <string-name>Proactive, E</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Transforming Cyber Defense: Harnessing Agentic and Frontier AI for Proactive, Ethical Threat Intelligence</article-title>
            <fpage>2503</fpage>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B12">
        <label>12.</label>
        <citation-alternatives>
          <mixed-citation publication-type="web">Mustafa, A. (2025) Agentic Artificial Intelligence as a Proactive Cybercrime Sentinel for Predictive Detection and Strategic Deterrence of Social Engineering Attacks. https://www.researchgate.net/publication/397997466_Agentic_Artificial_Intelligence_as_a_Proactive_Cybercrime_Sentinel_for_Predictive_Detection_and_Strategic_Deterrence_of_Social_Engineering_Attacks</mixed-citation>
          <element-citation publication-type="web">
            <person-group person-group-type="author">
              <string-name>Mustafa, A.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Agentic Artificial Intelligence as a Proactive Cybercrime Sentinel for Predictive Detection and Strategic Deterrence of Social Engineering Attacks</article-title>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B13">
        <label>13.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Malatji, M. (2025) A Cybersecurity AI Agent Selection and Decision Support Framework. arXiv: 2510.01751.</mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Malatji, M.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>A Cybersecurity AI Agent Selection and Decision Support Framework</article-title>
            <fpage>2510</fpage>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B14">
        <label>14.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Hernández-Rivas, A., Morales-Rocha, V. and Sánchez-Solís, J.P. (2024) Towards Autonomous Cybersecurity: A Comparative Analysis of Agnostic and Hybrid AI Approaches for Advanced Persistent Threat Detection. In: Rivera, G., Pedrycz, W., Moreno-Garcia, J. and Sánchez-Solís, J.P., Eds., <italic>Innovative Applications of Artificial Neural Networks to Data Analytics and Signal Processing</italic>, Springer, 181-219. https://doi.org/10.1007/978-3-031-69769-2_8 <pub-id pub-id-type="doi">10.1007/978-3-031-69769-2_8</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/978-3-031-69769-2_8">https://doi.org/10.1007/978-3-031-69769-2_8</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Rivas, A.</string-name>
              <string-name>Morales-Rocha, V.</string-name>
              <string-name>Rivera, G.</string-name>
              <string-name>Pedrycz, W.</string-name>
              <string-name>Moreno-Garcia, J.</string-name>
              <string-name>Processing, S</string-name>
            </person-group>
            <year>2024</year>
            <article-title>Towards Autonomous Cybersecurity: A Comparative Analysis of Agnostic and Hybrid AI Approaches for Advanced Persistent Threat Detection</article-title>
            <source>In: Rivera</source>
            <volume>181</volume>
            <pub-id pub-id-type="doi">10.1007/978-3-031-69769-2_8</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B15">
        <label>15.</label>
        <citation-alternatives>
          <mixed-citation publication-type="web">Hattali, A. (2024) Adaptive AI for Cybersecurity: Revolutionizing Threat Detection and Incident Response through Intelligent Algorithms. https://www.researchgate.net/profile/Albert-Hattali/publication/386525333</mixed-citation>
          <element-citation publication-type="web">
            <person-group person-group-type="author">
              <string-name>Hattali, A.</string-name>
            </person-group>
            <year>2024</year>
            <article-title>Adaptive AI for Cybersecurity: Revolutionizing Threat Detection and Incident Response through Intelligent Algorithms</article-title>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B16">
        <label>16.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Molina, S.B., Nespoli, P. and Mármol, F.G. (2023) Tackling Cyberattacks through AI-Based Reactive Systems: A Holistic Review and Future Vision. arXiv: 2312.06229.</mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Molina, S.B.</string-name>
              <string-name>Nespoli, P.</string-name>
            </person-group>
            <year>2023</year>
            <article-title>Tackling Cyberattacks through AI-Based Reactive Systems: A Holistic Review and Future Vision</article-title>
            <fpage>2312</fpage>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B17">
        <label>17.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Balassone, F., Mayoral-Vilches, V., Rass, S., Pinzger, M., Perrone, G., Romano, S.P. and Schartner, P. (2025) Cybersecurity AI: Evaluating Agentic Cybersecurity in Attack/Defense CTFs. arXiv: 2510.17521.</mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Balassone, F.</string-name>
              <string-name>Mayoral-Vilches, V.</string-name>
              <string-name>Rass, S.</string-name>
              <string-name>Pinzger, M.</string-name>
              <string-name>Perrone, G.</string-name>
              <string-name>Romano, S.P.</string-name>
              <string-name>Schartner, P.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Cybersecurity AI: Evaluating Agentic Cybersecurity in Attack/Defense CTFs</article-title>
            <fpage>2510</fpage>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B18">
        <label>18.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Kotte, G. (2025) Securing the Future with Autonomous AI Agents for Proactive Threat Detection and Response. <italic>SSRN Electronic Journal</italic>. https://doi.org/10.2139/ssrn.5283830 <pub-id pub-id-type="doi">10.2139/ssrn.5283830</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.2139/ssrn.5283830">https://doi.org/10.2139/ssrn.5283830</ext-link></mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Kotte, G.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Securing the Future with Autonomous AI Agents for Proactive Threat Detection and Response</article-title>
            <pub-id pub-id-type="doi">10.2139/ssrn.5283830</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B19">
        <label>19.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Datta, S., Nahin, S.K., Chhabra, A. and Mohapatra, P. (2025) Agentic AI Security: Threats, Defenses, Evaluation, and Open Challenges. arXiv: 2510.23883.</mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Datta, S.</string-name>
              <string-name>Nahin, S.K.</string-name>
              <string-name>Chhabra, A.</string-name>
              <string-name>Mohapatra, P.</string-name>
              <string-name>Threats, D</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Agentic AI Security: Threats, Defenses, Evaluation, and Open Challenges</article-title>
            <fpage>2510</fpage>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B20">
        <label>20.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Bandi, A., Kongari, B., Naguru, R., Pasnoor, S. and Vilipala, S.V. (2025) The Rise of Agentic AI: A Review of Definitions, Frameworks, Architectures, Applications, Evaluation Metrics, and Challenges. <italic>Future Internet</italic>, 17, Article 404. https://doi.org/10.3390/fi17090404 <pub-id pub-id-type="doi">10.3390/fi17090404</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.3390/fi17090404">https://doi.org/10.3390/fi17090404</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Bandi, A.</string-name>
              <string-name>Kongari, B.</string-name>
              <string-name>Naguru, R.</string-name>
              <string-name>Pasnoor, S.</string-name>
              <string-name>Vilipala, S.V.</string-name>
              <string-name>Definitions, F</string-name>
              <string-name>Architectures, A</string-name>
            </person-group>
            <year>2025</year>
            <article-title>The Rise of Agentic AI: A Review of Definitions, Frameworks, Architectures, Applications, Evaluation Metrics, and Challenges</article-title>
            <source>Future Internet</source>
            <volume>17</volume>
            <elocation-id>404</elocation-id>
            <pub-id pub-id-type="doi">10.3390/fi17090404</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B21">
        <label>21.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Salehi, S., Keishing, V., Singh, Y., Wei, D., Khosravi, A., Habibi, P., <italic>et al</italic>. (2026) Systematic Review: Agentic AI in Neuroradiology: Technical Promise with Limited Clinical Evidence. <italic>Journal of Imaging Informatics in Medicine</italic>. https://doi.org/10.1007/s10278-025-01839-2 <pub-id pub-id-type="doi">10.1007/s10278-025-01839-2</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/s10278-025-01839-2">https://doi.org/10.1007/s10278-025-01839-2</ext-link></mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Salehi, S.</string-name>
              <string-name>Keishing, V.</string-name>
              <string-name>Singh, Y.</string-name>
              <string-name>Wei, D.</string-name>
              <string-name>Khosravi, A.</string-name>
              <string-name>Habibi, P.</string-name>
            </person-group>
            <year>2026</year>
            <article-title>Systematic Review: Agentic AI in Neuroradiology: Technical Promise with Limited Clinical Evidence</article-title>
            <pub-id pub-id-type="doi">10.1007/s10278-025-01839-2</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B22">
        <label>22.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Leo, M., Tan, F., Miao, T. and Anand, G. (2026) From Threat to Trust: Assessing Security Risks of Agentic AI Systems. <italic>International Journal of Information Security</italic>, 25, Article No. 23. https://doi.org/10.1007/s10207-025-01185-y <pub-id pub-id-type="doi">10.1007/s10207-025-01185-y</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/s10207-025-01185-y">https://doi.org/10.1007/s10207-025-01185-y</ext-link></mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Leo, M.</string-name>
              <string-name>Tan, F.</string-name>
              <string-name>Miao, T.</string-name>
              <string-name>Anand, G.</string-name>
            </person-group>
            <year>2026</year>
            <article-title>From Threat to Trust: Assessing Security Risks of Agentic AI Systems</article-title>
            <source>International Journal of Information Security</source>
            <volume>25</volume>
            <elocation-id>No</elocation-id>
            <pub-id pub-id-type="doi">10.1007/s10207-025-01185-y</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B23">
        <label>23.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Li, B., Saini, A.K., Hernandez, J.G. and Moore, J.H. (2026) Agentic AI and the Rise of <italic>in Silico</italic> Team Science in Biomedical Research. <italic>Nature Biotechnology</italic>, 44, 711-725. https://doi.org/10.1038/s41587-026-03035-1 <pub-id pub-id-type="doi">10.1038/s41587-026-03035-1</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1038/s41587-026-03035-1">https://doi.org/10.1038/s41587-026-03035-1</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Li, B.</string-name>
              <string-name>Saini, A.K.</string-name>
              <string-name>Hernandez, J.G.</string-name>
              <string-name>Moore, J.H.</string-name>
            </person-group>
            <year>2026</year>
            <article-title>Agentic AI and the Rise of in Silico Team Science in Biomedical Research</article-title>
            <source>Nature Biotechnology</source>
            <volume>44</volume>
            <pub-id pub-id-type="doi">10.1038/s41587-026-03035-1</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B24">
        <label>24.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Sharma, D., Meshkat, S., Perivolaris, A., Kamaleddin, M.A., Teferra, B.G., Rueda, A., <italic>et al</italic>. (2026) Reimagining Psychiatric Care with Agentic AI: Promise, Challenges, and a Roadmap Forward. <italic>npj</italic><italic>Digital Medicine</italic>, 9, Article No. 252. https://doi.org/10.1038/s41746-026-02453-4 <pub-id pub-id-type="doi">10.1038/s41746-026-02453-4</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1038/s41746-026-02453-4">https://doi.org/10.1038/s41746-026-02453-4</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Sharma, D.</string-name>
              <string-name>Meshkat, S.</string-name>
              <string-name>Perivolaris, A.</string-name>
              <string-name>Kamaleddin, M.A.</string-name>
              <string-name>Teferra, B.G.</string-name>
              <string-name>Rueda, A.</string-name>
              <string-name>Promise, C</string-name>
            </person-group>
            <year>2026</year>
            <article-title>Reimagining Psychiatric Care with Agentic AI: Promise, Challenges, and a Roadmap Forward</article-title>
            <source>npj Digital Medicine</source>
            <volume>9</volume>
            <elocation-id>No</elocation-id>
            <pub-id pub-id-type="doi">10.1038/s41746-026-02453-4</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B25">
        <label>25.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Floridi, L., Buttaboni, C., Gertler, N., Hine, E., Morley, J., Novelli, C., <italic>et al</italic>. (2026) Agentic AI Optimisation (AAIO): What It Is, How It Works, Why It Matters, and How to Deal with It. <italic>Minds and Machines</italic>, 36, Article No. 25. https://doi.org/10.1007/s11023-026-09779-8 <pub-id pub-id-type="doi">10.1007/s11023-026-09779-8</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/s11023-026-09779-8">https://doi.org/10.1007/s11023-026-09779-8</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Floridi, L.</string-name>
              <string-name>Buttaboni, C.</string-name>
              <string-name>Gertler, N.</string-name>
              <string-name>Hine, E.</string-name>
              <string-name>Morley, J.</string-name>
              <string-name>Novelli, C.</string-name>
              <string-name>Is, H</string-name>
              <string-name>Works, W</string-name>
            </person-group>
            <year>2026</year>
            <article-title>Agentic AI Optimisation (AAIO): What It Is, How It Works, Why It Matters, and How to Deal with It</article-title>
            <source>Minds and Machines</source>
            <volume>36</volume>
            <elocation-id>No</elocation-id>
            <pub-id pub-id-type="doi">10.1007/s11023-026-09779-8</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B26">
        <label>26.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Olujimi, P.A., Owolawi, P.A., Pretorius, A. and Van Wyk, E. (2025) Mapping the Research Landscape of Agentic AI in SMMEs through a Bibliometric Analysis of Patterns and Knowledge Gaps. <italic>Discover Artificial Intelligence</italic>, 6, Article No. 63. https://doi.org/10.1007/s44163-025-00764-1 <pub-id pub-id-type="doi">10.1007/s44163-025-00764-1</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/s44163-025-00764-1">https://doi.org/10.1007/s44163-025-00764-1</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Olujimi, P.A.</string-name>
              <string-name>Owolawi, P.A.</string-name>
              <string-name>Pretorius, A.</string-name>
              <string-name>Wyk, E.</string-name>
            </person-group>
            <year>2025</year>
            <article-title>Mapping the Research Landscape of Agentic AI in SMMEs through a Bibliometric Analysis of Patterns and Knowledge Gaps</article-title>
            <source>Discover Artificial Intelligence</source>
            <volume>6</volume>
            <elocation-id>No</elocation-id>
            <pub-id pub-id-type="doi">10.1007/s44163-025-00764-1</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B27">
        <label>27.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Hasan, M.M., Li, H., Fallahzadeh, E., Rajbahadur, G.K., Adams, B. and Hassan, A.E. (2026) An Empirical Study of Testing Practices in Open Source AI Agent Frameworks and Agentic Applications. <italic>Empirical Software Engineering</italic>, 31, Article No. 124. https://doi.org/10.1007/s10664-026-10857-9 <pub-id pub-id-type="doi">10.1007/s10664-026-10857-9</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/s10664-026-10857-9">https://doi.org/10.1007/s10664-026-10857-9</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Hasan, M.M.</string-name>
              <string-name>Li, H.</string-name>
              <string-name>Fallahzadeh, E.</string-name>
              <string-name>Rajbahadur, G.K.</string-name>
              <string-name>Adams, B.</string-name>
              <string-name>Hassan, A.E.</string-name>
            </person-group>
            <year>2026</year>
            <article-title>An Empirical Study of Testing Practices in Open Source AI Agent Frameworks and Agentic Applications</article-title>
            <source>Empirical Software Engineering</source>
            <volume>31</volume>
            <elocation-id>No</elocation-id>
            <pub-id pub-id-type="doi">10.1007/s10664-026-10857-9</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B28">
        <label>28.</label>
        <citation-alternatives>
          <mixed-citation publication-type="other">Dholakia, A., Wani, S.G., Ellison, D., Hodak, M., Dutta, D., Nagaraja, S., <italic>et al</italic>. (2026) Benchmarking Considerations for Agentic AI Systems. In: Nambiar, R. and Poess, M., Eds., <italic>Performance Evaluation and Benchmarking</italic>, Springer, 89-98. https://doi.org/10.1007/978-3-032-18070-4_6 <pub-id pub-id-type="doi">10.1007/978-3-032-18070-4_6</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/978-3-032-18070-4_6">https://doi.org/10.1007/978-3-032-18070-4_6</ext-link></mixed-citation>
          <element-citation publication-type="other">
            <person-group person-group-type="author">
              <string-name>Dholakia, A.</string-name>
              <string-name>Wani, S.G.</string-name>
              <string-name>Ellison, D.</string-name>
              <string-name>Hodak, M.</string-name>
              <string-name>Dutta, D.</string-name>
              <string-name>Nagaraja, S.</string-name>
              <string-name>Nambiar, R.</string-name>
              <string-name>Poess, M.</string-name>
              <string-name>Benchmarking, S</string-name>
            </person-group>
            <year>2026</year>
            <article-title>Benchmarking Considerations for Agentic AI Systems</article-title>
            <source>In: Nambiar</source>
            <volume>89</volume>
            <pub-id pub-id-type="doi">10.1007/978-3-032-18070-4_6</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B29">
        <label>29.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Al-Bashrawi, M.A., Al-Sharafi, M.A., Elgendy, I.A., Helal, M.Y.I., Anbalagan, M.K., Chae, I., <italic>et al</italic>. (2026) Agentic AI Systems and the Future of Entrepreneurship: A Perspective on Co-Agency, Innovation, and Ecosystem Transformation. <italic>International Entrepreneurship and Management Journal</italic>, 22, Article No. 27. https://doi.org/10.1007/s11365-026-01164-2 <pub-id pub-id-type="doi">10.1007/s11365-026-01164-2</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/s11365-026-01164-2">https://doi.org/10.1007/s11365-026-01164-2</ext-link></mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Al-Bashrawi, M.A.</string-name>
              <string-name>Al-Sharafi, M.A.</string-name>
              <string-name>Elgendy, I.A.</string-name>
              <string-name>Helal, M.Y.I.</string-name>
              <string-name>Anbalagan, M.K.</string-name>
              <string-name>Chae, I.</string-name>
              <string-name>Co-Agency, I</string-name>
            </person-group>
            <year>2026</year>
            <article-title>Agentic AI Systems and the Future of Entrepreneurship: A Perspective on Co-Agency, Innovation, and Ecosystem Transformation</article-title>
            <source>International Entrepreneurship and Management Journal</source>
            <volume>22</volume>
            <elocation-id>No</elocation-id>
            <pub-id pub-id-type="doi">10.1007/s11365-026-01164-2</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
      <ref id="B30">
        <label>30.</label>
        <citation-alternatives>
          <mixed-citation publication-type="journal">Khamis, A. (2026) Design and Evaluation of an Agentic AI Framework for Personalized Umrah Trip Planning. <italic>Arabian Journal for Science and Engineering</italic>, 51, 12299-12319. https://doi.org/10.1007/s13369-025-11021-z <pub-id pub-id-type="doi">10.1007/s13369-025-11021-z</pub-id><ext-link ext-link-type="uri" xlink:href="https://doi.org/10.1007/s13369-025-11021-z">https://doi.org/10.1007/s13369-025-11021-z</ext-link></mixed-citation>
          <element-citation publication-type="journal">
            <person-group person-group-type="author">
              <string-name>Khamis, A.</string-name>
            </person-group>
            <year>2026</year>
            <article-title>Design and Evaluation of an Agentic AI Framework for Personalized Umrah Trip Planning</article-title>
            <source>Arabian Journal for Science and Engineering</source>
            <volume>51</volume>
            <pub-id pub-id-type="doi">10.1007/s13369-025-11021-z</pub-id>
          </element-citation>
        </citation-alternatives>
      </ref>
    </ref-list>
  </back>
</article>