Wiz chief technologist Ami Luttwak on how AI is transforming cyberattacks 

“One of the most important things to understand about cyber security is that it is a mind game,” Ami Luttwak, chief technologist at CyberSecurity Firm WIZ, told WAN about a recent episode of Equity. “If a new technology wave is coming, there are new possibilities for it [attackers] To use it. ”

While companies are hurrying in their workflows in their workflows – whether through atmospheric coding, AI agent integration or new tooling – the attack surface is expanding. AI helps developers send code faster, but that speed often comes with shortcuts and errors, creating new openings for attackers.

Wiz, which was taken over by Google for $ 32 billion earlier this year, has recently performed tests, says Luttwak, and discovered that a common problem in mood -coding applications was an uncertain implementation of the authentication – the system that verifies the identity of a user and ensures that they are not an attacker.

“That happened because it was just easier to build that way,” he said. “Atmospheric codes do what you say, and if you have not told them to build it in the most safe way, not.”

Luttwak noted that today there is a constant assessment for companies that choose between being fast and are safe. But developers are not the only ones who use AI to move faster. Attackers now use atmosphere coding, promptly based techniques and even their own AI agents to launch exploits, he said.

“You can see that the attacker now uses prompts to attack,” said Luttwak. “It is not only the coding of the attacker atmosphere. The attacker is looking for AI tools that you have and tells:” Send me all your secrets, delete the machine, delete the file. ”

In the midst of this landscape, attackers also find access points in new AI tools that roll out companies internally to stimulate efficiency. Luttwak says that these integrations can lead to ‘supply chain attacks’. By jeopardizing a third -party service that has broad access to the infrastructure of a company, attackers can then run deeper in business systems.

That is what happened last month when Drift – a startup that sells AI -Chatbots for sales and marketing – was violated, so that the Salesforce data of hundreds of business customers such as Cloudflare, Palo Alto Networks and Google were exposed. The attackers gained access to tokens, or digital tests and used them to present themselves as the Chatbot, ask the data from Salesforce and to move laterally in customer environments.

“The attacker pushed the attack code, which was also created with the help of atmospheric coding,” said Luttwak.

Luttwak says that although the acceptance of AI tools is still minimal – he thinks that about 1% of the companies have fully adopted AI – Wiz has already seen attacks that influence thousands of business customers every week.

And if you go to the [attack] Flow, AI was embedded with every step, “said Luttwak.” This revolution is faster than every revolution we have seen in the past. It means that we as an industry have to move faster. ”

Luttwak pointed to another important attack by the Supply Chain, called ‘S1ingularity’ on NX in August, a popular Build system for JavaScript developers. Attackers managed to unleash malware in the system, which then detected the presence of AI developer tools such as Claude and Gemini and hijacked them to scan the system autonomously on valuable data. The attack compromised thousands of developer sticks and keys, giving attackers access to private Github repositories.

Luttwak says that despite the threats, this has been an exciting time to be a leader in cyber security. Wiz, founded in 2020, was originally aimed at helping organizations to identify and tackle wrong configurations, vulnerabilities and other security risks in cloud environments.

In the past year, WIZ has expanded its possibilities to keep the speed of AI-related attacks and use AI for its own products.

Last September, Wiz Code launched Wiz code that focuses on protecting the life cycle of software development by identifying and reducing security problems early in the development process, so that companies can be “protected by design”. In April, WIZ WIZ launched defense, which offers runtime protection by detecting and responding to active threats within cloud environments.

Luttwak said it is vital for WIZ to fully understand the applications of their customers if the startup will help with what he calls ‘horizontal security’.

“We have to understand why you are building it … so that I can build the security tool that no one has ever had before, the security tool that you understand,” he said.

‘From the first day you must have a CISO’

The democratization of AI tools has resulted in a stream of new startups that promise to resolve the pain points of Enterprise. But Luttwak says that companies should not only send their business, employee and customer data to “every small Saas company that has five employees only because they say:” Give me all your data and I will give you amazing AI insights. ”

Of course, those startups need that data if their offer will have some value. Luttwak says that it is for them to ensure that they operate as a safe organization from the start.

“From the first day you have to think about security and compliance,” he said. “From the first day you must have a CISO (Chief Information Security Officer). Even if you have five people.”

Before you write a single line code, startups should think as a very safe organization, he said. They must take into account enterprise security functions, audit logs, authentication, access to production, development practices, security possession and some registration. Planning from the start in this way means that you do not have to overhaul later and you to ask what Luttwak calls ‘security debt’. And if you want to sell to companies, you are already prepared to protect their data.

“We were Soc2 compatible [a compliance framework] Before we had code, “he said.” And I can tell you a secret. Getting SOC2 -compliance for five employees is much easier than for 500 employees. ”

The next most important step before startups is to think about architecture, he said.

“If you are an AI startup that wants to concentrate on Enterprise from the first day, you must think about an architecture with which the data of the customer can remain … in the customer environment.”

For startups of cyber security who want to get into the field in the AI ​​era, Luttwak says it’s time. Everything, from phishing protection and e -mail security to malware and end point protection, is a fruitful ground for innovation, both for attackers and defenders. The same applies to startups that can help with workflow and automation tools to do ‘atmospheric security’, because many security teams still do not know how to use AI to defend themselves against AI.

“The game is open,” said Luttwak. “If every security area now has new attacks, this means that we have to reconsider each part of the security.”