Palo Alto Networks has conducted initial testing with some of the most advanced AI models of the moment, known as Frontier AI. These include Anthropic’s Mythos model, as part of Project Glasswing, and the latest proposals from OpenAI within the Trusted Access for Cyber program.
From these tests, the company has observed that generational advances in the programming capability of these models have a direct impact on the cybersecurity field, significantly improving vulnerability identification as well as exploit creation.
They also warn that, although these systems have protective mechanisms, their capabilities will not remain fully contained. According to their conclusions, it is foreseeable that malicious actors will find weaknesses in these safeguards and use advanced artificial intelligence to locate zero-day vulnerabilities at scale, develop exploits almost in real time, and create autonomous attack agents with unprecedented sophistication in the industry.
“Within six months, advanced AI models with deep cybersecurity capabilities will become routine, and organizations that have not implemented adequate safeguards will face a whole new class of risks across their enterprise and critical infrastructure”, state Palo Alto Networks experts.
Frontier AI and Its Impact on the Cybersecurity Landscape
Hundreds of top security engineers at Palo Alto Networks have evaluated these capabilities and developed best practices for effective use, discovering that:
- Frontier AI is exceptionally effective at identifying vulnerabilities in code. In less than three weeks, it achieved what would take a full year of penetration testing work.
- Even more impressive, Frontier AI excels at chaining vulnerabilities, combining multiple minor flaws into critical-level exploitation paths.
- Frontier AI can analyze the entire exposure surface of applications, including SaaS platforms and internet-facing services, identifying logic-based vulnerabilities that traditional tools fail to detect.
Key areas where Frontier AI will have a significant impact on cybersecurity include:
- Frontier AI models will drastically accelerate the pace of vulnerability discovery. This will be especially critical in open-source code, and the resulting wave of patches will generate new risks.
- Rise of “inside-out” attacks: recent supply chain attacks on tools like LiteLLM and Trivy demonstrate a growing pattern where adversaries position themselves within an organization’s infrastructure, evading multiple traditional attack phases and reducing prevention opportunities for defenders.
- The key shift with frontier AI models is the move from AI-assisted attacks to AI-driven attacks. Attackers will build autonomous attack agents that drastically reduce attack cycle times. What once required days or weeks of manual effort will soon be executed in minutes.
Guidance for Defenders
Organizations that are “mostly protected” are “effectively unprotected,” warn Palo Alto Networks experts, who offer recommendations on the necessary framework to defend against AI-driven threats:
- Every organization should employ the most advanced AI models to evaluate all their code and application environments, building a comprehensive inventory of assets and exposure, focusing on priorities like identifying vulnerabilities with AI, assessing exposure with full context, auditing open-source supply chains, and mapping current sensor coverage.
- Remediation and exposure reduction are fundamental requirements. What was once difficult due to friction between teams to detect and fix vulnerabilities quickly must now be accelerated with executive committee focus on these new AI models. However, it’s necessary to go further and implement comprehensive attack prevention capabilities at the highest level.
- With the accelerated reduction of attack cycles, traditional security operations approaches become invalid. Disconnected tools analyzing siloed data, combined with manual processes, should be replaced by AI and end-to-end automation.
Palo Alto Networks is setting the industry standard to address these emerging risks with its Unit 42 Frontier AI Defense. The company is also fostering an alliance of global transformation leaders, starting with Accenture, Deloitte, IBM, NTT DATA, and PwC, which will continue to expand ensuring all companies have a fast track to AI resilience.