{"id":5793,"date":"2025-11-14T11:10:00","date_gmt":"2025-11-14T11:10:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=5793"},"modified":"2025-11-14T11:10:00","modified_gmt":"2025-11-14T11:10:00","slug":"fighting-ai-with-ai-adversarial-bots-vs-autonomous-threat-hunters","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=5793","title":{"rendered":"Fighting AI with AI: Adversarial bots vs. autonomous threat hunters"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>I recently gave a presentation at <a href=\"https:\/\/www.blackhat.com\/sector\/2025\/\" target=\"_blank\" rel=\"noopener\">SecTor<\/a> on <a href=\"https:\/\/www.youtube.com\/watch?v=TRmgpkhIs7k\" target=\"_blank\" rel=\"noopener\">proactive threat hunting<\/a>, which sparked some meaty conversations afterward on the show floor. On the expo floor, surrounded by \u201cAI-first\u201d security vendors, the CISOs and threat hunters I spoke with were worried. They\u2019re worried because AI can elevate script kiddies into elite hackers with advanced capabilities and legions of adversarial AI bots, and we\u2019re not prepared for that \u2014 at least, not yet.<\/p>\n<div class=\"wp-block-embed__wrapper youtube-video\">\n<\/div>\n<p>While there\u2019s no doubt AI holds great potential for cybersecurity, in practice, it\u2019s mainly being used to automate what we\u2019re already doing. For companies to stand a chance, we need new approaches to AI-powered defense, not optimized versions of existing ones.<\/p>\n<h2 class=\"wp-block-heading\">The asymmetry problem<\/h2>\n<p>Attackers already have systemic advantages that AI amplifies dramatically. While there are some great examples of how AI can be used for defense, these methods, if used against us, could be devastating. 
For example, <a href=\"https:\/\/xbow.com\/\" target=\"_blank\" rel=\"noopener\">XBOW<\/a> is an autonomous pen-testing bot, created by a startup of the same name. It\u2019s a security product and an impressive one at that. This summer, for the first time in bug bounty history, XBOW\u2019s autonomous penetration tester reached the top spot on the HackerOne leaderboard for several months running.<\/p>\n<p>It\u2019s important to note that while its pen-testing bots were completely autonomous, there were still humans in the loop. Aside from HackerOne requiring human review of findings before submission, XBOW built specialized infrastructure to help it prioritize scans. Even so, its findings were impressive \u2014 including discovering a previously unknown vulnerability in Palo Alto Networks\u2019 GlobalProtect VPN solution, affecting over 2,000 hosts. I encourage you to read up on how XBOW <a href=\"https:\/\/xbow.com\/blog\/top-1-how-xbow-did-it\" target=\"_blank\" rel=\"noopener\">accomplished this<\/a>, as well as how <a href=\"https:\/\/cyberscoop.com\/is-xbows-success-the-beginning-of-the-end-of-human-led-bug-hunting-not-yet\/\" target=\"_blank\" rel=\"noopener\">practitioners responded<\/a>.<\/p>\n<p>Clearly, AI can absolutely turbocharge pen testing, completing in minutes what typically takes humans hours or days. But companies still need to patch. And as we know, the more tools you have, the more alerts you get. AI can help with prioritization, but the reality is that most companies don\u2019t have the visibility or context they need to fully automate remediation.<\/p>\n<p>This has been an issue since the days of <a href=\"https:\/\/www.csoonline.com\/article\/564071\/why-a-controversial-cybersecurity-prediction-about-ids-from-2003-is-still-relevant.html\" target=\"_blank\" rel=\"noopener\">IDS vs. 
IPS<\/a> and still <a href=\"https:\/\/www.cybersecurity-insiders.com\/cloud-security-report-challenges-and-ciso-strategies-reshaping-cloud-security-in-the-ai-era\/\" target=\"_blank\" rel=\"noopener\">persists today<\/a>. It\u2019s not just about detecting and validating threats \u2014 it\u2019s about how fast companies can respond to them, especially in highly complex environments.<\/p>\n<p>I once worked at a company with one million endpoints that spun 50,000 servers up and down daily. Every one of those 50k events had a ripple effect on the environment. At another company, we had 2,000 instances of Log4j to patch. Like many of my peers, lacking context about which instances posed the biggest threat, we started patching Internet-facing systems and then moved on to internal ones after. I\u2019m sure that many of those instances were dead ends. But because we had no way to tell, we had to fix them all.<\/p>\n<p>It\u2019s hard to gain context at that scale. Most companies have multiple defensive layers \u2014 and they all have flaws. Using weaknesses in those layers, attackers weave through them and create attack paths. The question is: How are we finding those paths before they do?<\/p>\n<p>With that in mind, think about how a bad actor could leverage a tool like XBOW. Or Hexstrike-AI \u2014 another <a href=\"https:\/\/blog.checkpoint.com\/executive-insights\/hexstrike-ai-when-llms-meet-zero-day-exploitation\/\" target=\"_blank\" rel=\"noopener\">agent-based defense tool that acts as an orchestration and abstraction layer<\/a> for coordinating large numbers of specialized AI agents to launch complex operations at scale. 
It was <a href=\"https:\/\/support.citrix.com\/support-home\/kbsearch\/article?articleNumber=CTX694938\" target=\"_blank\" rel=\"noopener\">co-opted by hackers to exploit three zero-day vulnerabilities affecting NetScaler ADC and NetScaler Gateway appliances<\/a> within 12 hours of disclosure.<\/p>\n<p>Now do you see why we\u2019re so concerned?<\/p>\n<h2 class=\"wp-block-heading\">The identity problem<\/h2>\n<p>Another huge problem with adversarial AI bots is that they are often hard to spot. Most attackers don\u2019t break in \u2014 they log in. <a href=\"https:\/\/www.verizon.com\/about\/news\/2025-data-breach-investigations-report\" target=\"_blank\" rel=\"noopener\">Credential abuse remains the primary way attackers breach their targets<\/a> because humans are still susceptible to phishing and least-privilege access remains a hard problem to solve. And just when we start to make some progress, major tech innovations such as the move from on-premises to cloud-native IT add technical debt, additional complexity and new risks. It\u2019s truly a game of whack-a-mole.<\/p>\n<p>Bots further complicate identity security because humans consent to having agents act on their behalf. But agents, like humans, can be over-permissioned. That opens the door for hackers to hijack legitimate agents \u2014 ones that have consent to act on behalf of a person or company \u2014 and hijack their intent.<\/p>\n<p>Furthermore, bots operate 24\/7, weaving through defenses without fatigue. Defensive bots must meet them on this terrain. They need to be just as smart as adversarial bots and able to determine, in real time, whether an agent\u2019s actions align with its intended purpose. Given that most cyber exposures are caused by human error \u2014 accidental insider threats \u2014 we also need defensive bots to save users from themselves. 
According to the 2025 Verizon DBIR, 60% of breaches involved human error.<\/p>\n<h2 class=\"wp-block-heading\">The case for digital twins in security<\/h2>\n<p>Hopefully, by now I\u2019ve built the case for why incremental improvements won\u2019t cut it. I\u2019m not saying that they aren\u2019t helpful or welcome, I just don\u2019t believe they\u2019ll level the playing field. However, one area of promise I\u2019m excited about is the use of digital twins for real-time threat modeling.<\/p>\n<p>Digital twins started out as physical twins, developed by NASA to assess and simulate conditions on board Apollo 13 after its oxygen tanks exploded early in the mission. They played an essential role in troubleshooting the technical issues the astronauts 200,000 miles away were experiencing and were <a href=\"https:\/\/www.challenge.org\/insights\/digital-twin-history\/\" target=\"_blank\" rel=\"noopener\">widely credited<\/a> with helping bring them home safely.<\/p>\n<p>The \u201ctwin\u201d concept slowly evolved from physical to digital, but got a boost in 2020 when IoT devices matured enough to serve as sensor technology capable of replicating complex environments. This opened the door to their use in robotics, manufacturing and healthcare \u2014 from simulating surgeries to optimizing cancer care \u2014 and, of course, IT.<\/p>\n<p>Large enterprise defense involves endless mundane tasks (patching, backups, etc.). Automation helps, but every environment change \u2014 even a positive one \u2014 can create new attack paths to critical assets that are invisible to defenders. 
Digital twins help teams quickly understand which attack paths are riskiest and prioritize remediation much more effectively than existing tools can.<\/p>\n<h2 class=\"wp-block-heading\">AI bots and digital twins equal 24\/7\/365 attention on security<\/h2>\n<p>I often say that security practitioners can\u2019t solve problems that we don\u2019t know about, which is why proactive threat hunting is so important \u2014 if we\u2019re not hunting for threats, we won\u2019t find them. Certainly not as easily as XBOW showed us agentic AI bots can. Human-based threat hunting is limited by human ability, time and friction in production. The use of AI bots within a digital twin enables continuous, multi-threaded threat hunting and attack path validation without impacting production environments. This addresses the prioritization challenges that security and IT teams struggle with in a meaningful way.<\/p>\n<p>Really, digital twins offer the same benefits to security teams as physical twins provided to NASA scientists more than 55 years ago: accurate simulations of how a given change might impact large, complex and highly dynamic attack surfaces. Plus, it\u2019s exciting to imagine how the UX might evolve to help defenders visualize what\u2019s happening in unprecedented ways.<\/p>\n<h2 class=\"wp-block-heading\">Think big<\/h2>\n<p>AI is a truly transformational technology and it\u2019s exciting to think about how AI defense can evolve over the next few years. I encourage product builders to think big. Why not draw inspiration from science fiction? From Philip K. Dick, William Gibson, Isaac Asimov and Neal Stephenson to the century-ahead works of Jules Verne, we can seed our collective imagination with insights from artists and futurists.<\/p>\n<p>In the fight against malicious AI, I\u2019m optimistic that our humanity will be our biggest asset. 
If we can conceptualize it, AI can help us build it.<\/p>\n\n<p><strong>This article is published as part of the Foundry Expert Contributor Network.<br \/><a href=\"https:\/\/www.csoonline.com\/expert-contributor-network\/\">Want to join?<\/a><\/strong><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>I recently gave a presentation at SecTor on proactive threat hunting, which sparked some meaty conversations afterward on the show floor. On the expo floor, surrounded by \u201cAI-first\u201d security vendors, the CISOs and threat hunters I spoke with were worried. They\u2019re worried because AI can elevate script kiddies into elite hackers with advanced capabilities and [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":5794,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-5793","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5793"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5793"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5793\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/5794"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5793"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fw
p%2Fv2%2Fcategories&post=5793"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}