AI Agents: The New Frontier in Cybersecurity Defense and Threat

Reviewed by Nidhi Govil

AI agents are being integrated into corporate cybersecurity defenses, while also posing new threats as attackers leverage AI for more sophisticated attacks. This dual-edged development is reshaping the cybersecurity landscape.

The Rise of AI Agents in Cybersecurity

In a significant shift in the cybersecurity landscape, artificial intelligence (AI) agents are being increasingly integrated into corporate cyber defense strategies. This development comes as a response to the growing sophistication of cyber threats, many of which are now leveraging AI themselves [1][2].

Brian Murphy, CEO of ReliaQuest, highlights the challenge faced by larger companies in detecting, containing, investigating, and responding to cyber threats. He emphasizes that AI is helping to filter out noise and automate lower-tier work, allowing human cybersecurity professionals to focus on more critical tasks [1].

Agentic AI: A New Ally in Cyber Defense

Several cybersecurity firms have introduced what they call "agentic AI" or AI agents to augment human capabilities in threat detection and response. ReliaQuest, for instance, has launched GreyMatter Agentic Teammates, which are autonomous, role-based AI agents designed to take on tasks typically performed by detection engineers or threat intelligence researchers [1].

Source: CNBC

These AI agents are not intended to replace human cybersecurity professionals but rather to enhance their capabilities. Justin Dellaportas, CISO at Syniverse, describes the adoption of agentic AI in cybersecurity as a "crawl, walk, run methodology," emphasizing the need for gradual implementation and verification of effectiveness [1].

AI-Powered Threats: The Other Side of the Coin

While AI is bolstering defenses, it's also being weaponized by attackers. The rise of generative AI and large language models has empowered cybercriminals with tools to create more convincing deepfakes, personalized phishing campaigns, and sophisticated malware [1][2].

Source: TechRadar

CrowdStrike's recent threat report reveals a dramatic increase in cloud intrusions and identity-driven attacks. The report highlights that 81% of observed attacks were malware-free, relying instead on credential abuse and lateral movement techniques [5].

The North Korean Threat and AI Exploitation

One of the most concerning developments is the sophisticated use of AI by state-aligned threat actors. CrowdStrike's research uncovered that North Korean operatives, identified as the FAMOUS CHOLLIMA group, have infiltrated over 320 companies in the past year, marking a 220% year-over-year increase [2][3].

These operatives are using AI throughout their attack lifecycle, from creating synthetic identities for job applications to managing multiple simultaneous employment positions. This level of AI integration represents a fundamental shift in enterprise security threats [2][3].

Industry Response and New AI Tools

In response to these evolving threats, cybersecurity vendors are rapidly developing new AI-powered tools. At Black Hat 2025, numerous announcements were made regarding agentic AI applications and platforms [2].

Source: SiliconANGLE

Cisco made a significant contribution by releasing Foundation-sec-8B-Instruct, an open-source conversational AI model built exclusively for cybersecurity. This model outperforms larger general-purpose models on security tasks while running on a single GPU, offering a promising tool for security teams [2].

Challenges and Concerns

Despite the potential benefits, the integration of AI in cybersecurity also raises new concerns. Researchers have identified vulnerabilities in AI coding tools and the potential for malicious injections into AI models used by major companies [4].

There's also growing concern about the security of AI agents themselves. CrowdStrike warns that agentic AI systems have become a "core part of the enterprise attack surface," with hackers now targeting the tools used to build these AI agents [3][4].

The Road Ahead

As the cybersecurity landscape continues to evolve rapidly, organizations are advised to implement phishing-resistant multi-factor authentication, isolate privileged accounts, and strengthen help desk protocols. Continuous monitoring for anomalous behavior is also crucial in this new AI-driven security environment [5].

The integration of AI in both cyber defense and offense marks a new era in digital security. While AI agents offer powerful tools for defenders, they also present new challenges and potential vulnerabilities that must be carefully managed.

TheOutpost.ai


© 2025 Triveous Technologies Private Limited