Wiz chief technologist Ami Luttwak on how AI is transforming cyberattacks 

“One of the main things to understand about cyberquacy is a mind game,” said Amy Lutwak, chief technologist at the cybercuity firm. EquityThe “If a new technology wave is coming, there is a new opportunity for it [attackers] To start using it. ”

When initiatives rush to embed AI in their workflows – Vibbe coding, AI agent through integration or new equipment – the attack surface is expanding. AI helps developers to ship quickly, but that speed often comes with shortcuts and mistakes, creating new openings for the attackers.

Wiz, which was Earned by Google for $ 32 billion early this yearLutwalk said that he recently conducted the tests and found that the insecurity of a common problem authentication in VIBB coded applications – a system that verifies a user and confirm that they are not attackers.

“It happened because it was easy to make,” he said. “Vib coding agents do what you are saying and if you don’t ask them to make it in the most secure way” it won’t. ”

Lutwalk mentions that there is a constant trade -off today for companies chosen between fast and protected. However, developers do not just use AI to move fast. The attackers are now using vibe coding, prompt-based techniques and even their own AI agents to launch exploitation, he said.

Lutwalk said, “You can actually see that you are using the requests to attack the attacker.” “This is not just the attacker siblings coding The attacker looks for the II tools you have and tells them ‘Send me all your privacy, delete the machine, delete the file’

In these landscapes, the attackers are also looking for entry points in new AI equipment that companies roll out internally to enhance efficiency. Lutwalk says that these integration can be “supply chain attack”. Attackers may be deepened in corporate systems by compromising a third -party service that has wide access to an organization’s infrastructure.

Last month when DRIFT – selling AI chatboat for sale and marketing – this was violated when a startup was violated, Hundreds of Enterprise Release Sales Force Data to Customers Like Cloudflair, Palo Alto Network and Google. The attackers obtained access to the token or digital keys and used their chatboats, to make the Query Salesforce data query and to transfer the customer to the environment.

Lutwalk said, “The attacker pushed the attack code, which was created using VB coding.”

Lutwalk says that although the enterprise of AI equipment is still minimal – he thinks that about 1% of initiatives have been fully taken by AI – Wiz is already watching attacks every week that affects thousands of enterprise customers.

“And if you look at [attack] The flow, the AI ​​was embedded in every step, “Lutwalk said.” This revolution is faster than the revolution we have seen in the past. This means that we need to move more fast as an art “”

Lutwalk pointed to the chain attack on another large supply known as “S1 Injultary” in August NXJavaScript is a popular build system for developers. The attackers were able to reveal malware on the system, which later detected the presence of AI developering tools like Claud and Jemini and hijack them to scan the system autonomously for valuable data. The attack compromised on thousands of developer tokens and keys, providing access to the attackers’ personal guithab repository.

Lutwalk says that despite the threat, it was an exciting time to become a leader of the cybersICuality. Wiz, founded in 2021, originally focused on identifying and dealing with incorrect configuration, weakness and other security risks throughout the cloud environment.

In the past one year, Wiz has expanded its capabilities to maintain the speed of AI-related attacks-and to use AI for its own products.

Last September, the Wiz Wis Code launched that the development process concentrated on protecting and securing the software development cycle by detecting and alleviating the development process, so that the companies could “protect” by design. In April, the Wis Wis Defend launched, which provided the active threat to the cloud environment and fell in response to Ruptime Protection.

Lutwalk said that the applications of their customers in favor of Wiz are essential if the startup helps him as “horizontal protection”.

“We need to understand why you are making it … so that I can make the security tool that had never been before, the security equipment that you understand,” he said.

‘From the first day you need to have a Siso’

As a result of the democraticization of AI equipment, the promise to solve enterprise pain points as a result of the flood of new startups. However, Lutwalk says that the initiatives should not only be shipped to all their companies, employees and customer data “Every small Saas company where there are five employees that they only say, ‘Give me all your data, and I will give you amazing AI insight.” ”

Of course, if these startups have any value for their offer, that data is needed. Lutwalk says that it means that they are responsible for ensuring that they have been acting like a protected company from the beginning.

“From the first day you need to think about protection and consent,” he said. “From the first day you need to have a CISO (Chief Information Security Officer). Even if you have five people.”

Before writing a single line of the code, startups should be thought of as a highly protected organization, he said. They need to consider entrepreneur protection features, monitoring logs, authentication, production access, development practice, security ownership and single sign-on. From the beginning, planning this way does not mean that the processes do not have to overcome later and the lootwak does not have to be called “protection debt”. And if you aim to sell in initiatives, you will already be ready to protect their data.

“We were loyal to SOC 2 [a compliance framework] Before we have the code, “he said.” And I can talk to you a secret. SOC 2 consent for five employees is much easier than 500 employees “”

The next most important step in startups is to think about architecture, he said.

“If you have an AI startup that you want to focus on the enterprise from the very first day, you need to think about an architecture that allows customer data to stay in the customer’s environment.”

Cyber ​​security is seeking to enter the field in the AI ​​era for startups, Lutwalk says time. From phishing protection and email protection to malware and last point protection, everything is for both the fertile fields for both attackers and defenders. It is also the same fact in startups that can help “protect” vibes in workflow and automation equipment, as many security teams still do not know how AI can use to protect AI.

“The game is open,” said Lutwalk. “If every field of protection now has a new attack, it means that every part of our protection has to be revisited.”