How Attackers are using AI and how to defend against them, by an incident responder turned AI researcher.

This talk analyzes how attackers’ use of AI is amplifying existing cyber threats, making them more sophisticated and numerous. Particularly, how attackers are using AI to enhance phishing campaigns, automate social engineering, conduct influence operations, and craft malware—significantly reducing the time to exploit vulnerabilities. We’ll review recent publications by top AI labs exposing malicious uses of AI, including the potential for identifying new exploits and zero-day vulnerabilities.

We’ll demonstrate that AI training methods can predict which offensive activities AIs will excel in, offering insights into attackers’ capabilities and informing defenders on how to prioritize their efforts. By understanding these patterns, security teams can better anticipate future threats. As AI technology continues to improve, these threats are expected to escalate, leading to higher alert volumes, shorter exploitation windows, and increased discovery of vulnerabilities.

We’ll highlight the implications for security teams and discuss strategic preparation steps: adopting advanced application security programs, protecting application perimeters against zero-days, managing legacy code challenges, and leveraging AI-powered solutions to enhance your Security Operations Center (SOC) and improve security automation. Attendees will gain actionable insights to fortify their defenses and stay ahead in the evolving cybersecurity landscape.