Automating Phishing Triage With Agentic AI and Knowledge Graph Memory on Databricks
Overview
| Experience | In Person |
|---|---|
| Track | Cybersecurity |
| Industry | Healthcare & Life Sciences |
| Technologies | AI/BI, Unity Catalog, Agent Bricks |
| Skill Level | Advanced |
Phishing attacks remain a persistent threat, exploiting human trust through sophisticated impersonation. In this session, we present a Databricks-based compound agentic system using knowledge graphs, multiple agents, and MLflow to automate triage of reported phishing emails at scale, reducing analyst workload and accelerating threat response. We walk through scalable pipelines built on Spark Structured Streaming and Delta Lake, then describe how our knowledge graph provides long-term memory, storing historical emails to enable reasoning across campaigns. We demonstrate agentic orchestration with LangGraph, where specialized agents use tools to analyze headers, sender reputation, body content, URLs, and behaviors before producing triage decisions with reasoning traces. We cover evaluation and observability, including hallucination detection, metrics, and tracking with MLflow. Join us to learn practical patterns that combine multi-agent reasoning with production workflows on Databricks.
Session Speakers
Virender Dhiman
Lead Data Scientist
CVS Health
Andrew Hinton
Distinguished Engineer
CVS Health