2026·05·07 · 31:32
Everyone Has a Cape: AI in the Attacker–Defender Arms Race (CloudFest 2026)
A CloudFest 2026 panel I moderated on how AI is reshaping both sides of the security arms race. Defenders get automated patching, smarter detection, and faster triage; attackers get the same capabilities, and they tend to move first. We dug into what that does to service providers caught in the middle, and what changes when discovery-to-breach time approaches zero. Panelists: Robert Jacobi (Blackwall), Aaron Campbell (Monarx), Oliver Sild (Patchstack), and Igor Seletskiy (CloudLinux).
0:02 It is completely changing. We're all here to tell you that the volume, the types of exploits uh you know how how can you manage real intent uh are are critical. So look at all the layers and address all the layers. I think it's key that you address all the layers. There's a lot of people like companies who just like don't want to think about security and I think they should just Guys, I was when I was preparing this, I
0:33 there's a lot of things that you can talk about, but I think the AI has caused a lot more security issues to be found, reported, and created. Um, so let me start with my first question and I'm gonna give it to Oliver first because he he already had a remark about the question itself. But if discovery to breach really hits zero, how does how do we defend if we find a bug and and it's immediately exploited
1:05 everywhere? So if everyone is immediately attacking uh the security issue within seconds, how do we defend? So um we just analyzed like 2025 data where we took vulnerabilities that were uh discovered and then made public and then we because we are applying those mitigation rules per vulnerability and deploying it through the hosting companies then we see how fast these attacks are coming in against these specific vulnerabilities the average time of mass exploitation was at 5 hours um so I don't know anyone managing
1:37 website uh when there's like a software update available are they going to like you know especially like, you know, have update coming out like 1:00 a.m. Uh, and then are you going to wake up in the morning and doing the update before that 5 hour? Um, quite unlikely. Um, and I think that applies across the board like uh I just mentioned when uh I was uh vibe coding a Lovable website uh and then I was looking just doing like a really simple tonut website and looking into you know uh what's what it's what AI is making it with. uh and it came out
2:11 of the box with 149 dependencies. Um obviously like you know when when I get started with it it is you know up to date and things like that but what's happening in six months you know what's going to happen when a new vulnerability's being found there what happens when there's a supply chain overtake of that those components which is happening quite quite often in uh in Node.js um so it's um I think this uh you know it's easier than ever in the world to find new vulnerabilities and we're dealing with a lot of slop AI reports as well I think everyone in the open source ecosystem is dealing with a lot of volume of you know vulnerability reports
2:43 coming in that link back to OpenClaw files and then you like okay who actually sent that um and then yeah I think this is also something that the hackers are using to be able to also find the vulnerabilities fast because it is possible to also you know figure out with exploitation and people who in the past were like called script kiddies are now like script kiddies on steroids who can you know just kind of like almost have like the same level of capabilities than some of the APT um I I think it's going to be a cat and the mouse game. Uh we're just going to
3:14 have different tools to, you know, play that game. So, uh it's just going to get more intense. Aaron, do you see anything changing in that regard on the Monarx side? Definitely. I I think that the the shorter that that time frame becomes, the harder the old process is of recognizing the issue, coming up with the fix, rolling it out. to your point, like is someone going to be up in that five hour gap and ready to update all their production systems in that time
3:47 and those kinds of things. Um, and so I think that we're seeing a shift toward less can we recognize this one specific vulnerability and more can we recognize behaviors and patterns that indicate this could be bad even if we had never seen the actual vulnerability before. And I think more and more security systems, no matter what layer you sit at, are going to have to move towards that more behavior-based
4:19 understanding what might be happening even if we've never seen that exact action before. Because if it becomes if there's if if that time really reaches zero where there is no time to prepare between when it's discovered and when it's exploited, you just have to be prepared for that ahead of time. watching for it. Yeah. And and I and I think that's a that's a significant shift in the way things have happened, but I think it's it's the way that these kinds of um AI tools that the
4:50 hackers are now employing is is kind of pushing our industry. So, I want to get to these other guys, but the guy next to me has moderated more sessions than I'm ever going to do in my life and was pointing out to me that I forgot to actually introduce these guys to you. Um, so let's do that real quickly first. So you can start, right? Oh, I can start because I picked up before. Uh, I'm Robert Jacobi, chief experience officer at Blackwall. We focus on security and intent-based visibility, which Aaron was kind of touching on with
5:21 behavioral uh, measuring uh, at the DNS level, firewall level uh, for security. Igor. So I'm founder of CloudLinux. We do Imunify. We sit on like 64 million websites protecting them. Founder of Patchstack uh focusing on vulnerability discovery and application uh specifically like you know application runtime uh security on the on the kind of the deepest end I guess. Uh VP of product at Monarx and we
5:54 focus on solving the the malware issue especially across the hosting environments. It's you mentioned layers, Igor. How do you see this industry as in like do you look at it as a layers yourself? Oh yeah. Oh yeah definitely. I mean there is definite like security in depth and all the layers are part of security overall and we have to go there. Let me if you don't mind I'm going to address one of the points which I found interesting. So yes, we're also
6:25 seeing that uh since the vulnerability gets discovered uh the time for exploit is very short. What we haven't noticed is the roll out of the um exploit like actual exploitations taking shorter amount of time. So before it would take like after uh hackers weaponize the vulnerability it would take them anywhere from 18 to 30 days to attack the fleet. It's still the same
6:57 time frame. So if you think that hey if I don't upgrade in 5 hours I'm done. No, not at all. You still have days before they actually get to your site. And I think it creates a little bit more time and uh a little bit less panic that the Aaron and I are just looked at each other like well I I don't know that that has been our experience. I do think I mean you might be one of the lucky ones that is
7:29 million websites. So we have we sit on two layers. So we actually sit on multiple layers. We see IPS, we see actual exploits and we see malware. So we see all of that and we can tell you that this particular malware uh on this particular server was delivered through this particular vulnerability. We're I think the only people here who can see all three. It takes 18 to 30 days for them to roll out the campaign. It doesn't take five hours for them to roll out. You're not going to hit your
8:01 particular site is not going to be hit within 5 hours. Some sites will be hit within 5 hours, but they simply cannot hit 60 million of sites or 600 millions of sites with the attack at the same time. Yeah. But to the I think we're yes the huge volume of sites fine. Yeah, I can't hit 600 million sites at one time, but the threats are getting so sophisticated that it's like I want to target these, you know, 2,000 financial institutions. Oh, of course.
8:34 And so that vulnerability uh time to uh exploit to deployment of destruction that's shrinking down to zero. So that's why you need to stop in all the other layers with with the most uh specific tools to handle that 100%. If you're running uh websites that are critical infrastructure, if you're running websites doing tens of millions in dollars in transactions, 100%. You have to be there. You have to be there all the time. You have to fix it right away. If you're running a small
9:07 e-commerce shop, you'll be day 10, day seven, maybe day three. Is that your feeling too, Oliver? I see you. I mean for example we released this white paper uh and what we did actually we partner with Monarx in that sense because as Igor said like we don't have the visibility into what is happening with the malware or like when the malware is getting injected what we do have a visibility to is when every single other layers of WAFs are failing uh on the network level on the server level and when the WordPress like when the
9:40 vulner specific vulnerability is being exploited inside of a WordPress site you know plugin or something. That's where we see exactly when it's you know happening. And I think a like what benefit we have in a sense is that because like 76% of all known security vulnerabilities in the WordPress ecosystem are coordinated by us. So we are like literally sitting on like we are the one making this information public then we have like a very good visibility in sense of when it's actually getting published even many times before they even get the CVE right
10:11 and then once they are getting hit with like this you know against the virtual patch because we are making them at the same time and we are deploying the mitigation rules the moment when the vulnerability is published to the world so this gives us the visibility in terms of when these specific vulnerabilities are being exploited but I'm not talking about generic attacks So but when connecting that with Monarx's data we can actually like we gave them the uh the IoAs like indications of attacks like we gave the payloads and everything so they could basically cross reference that back into malware that is being connected to that. So that allowed us to
10:42 kind of like cross the entire loop and that's where we came to that data and that five hours data is actually not really like like business critical websites like I mean these are like just it's it's an average of everything. Um so it's like all kinds of It's an average of everything who have already installed your software. So to a degree it's it is secure people who are security minded who who probably So this is like five hours is when we published the vulnerability and we get a hit against this um real quick the because I know that the
11:13 numbers in the WordPress ecosystem are changing really quickly. Uh I recently saw not all of you might look at the WordPress ecosystem and and you'd be right in many ways. Um, but I recently saw that the plugins team for WordPress.org was asking for more people because they're getting more plug-in submissions than we've ever seen and the number of new plugins being created is going up dramatically. Does that cause a lot more uh issues to be reported as well? Well, what we like
11:44 we are having a significant issue right now with AI slop reports coming in to like we are running this bug bounty program where anyone can find vulnerabilities in the plugins, report them to us and we help them coordinate that. We act as a security point of contact for some of the biggest plugins in the WordPress ecosystem. So if someone finds something, we kind of like help them to filter out, you know, stuff. But you you're getting way more than last year. Significantly more. In January alone, we got 1,500 reports, you know, you know, so and we have to kind of like churn through all of that. I mean, there's
12:16 literally cases where we see uh some ethical hackers uh who have been doing or who now want to get into bug bounty and they have like set up OpenClaw machines and say like, "Hey, you are a bug bounty hunter go into those bug bounty programs, find vulnerabilities and report them, bring money back home." Um, and we now need to deal with all of that volume. Um so it's definitely a challenge from a security kind of a process perspective as well. In that in that same vein and not specifically in the WordPress space only because we we protect against anything
12:49 on the server not not just WordPress but the number of like globally unique malicious files has so significantly increased year-over-year. Especially I was looking back at the numbers from like say 2022 to now when AI really started being used a little bit more till now it's more than 2xed every year and it's it's gone up a little and like last last year we saw like 8.6 6 trillion you and that's massive and it
13:22 has just ramped up and I expect that that's going to continue both with the the plugins being written by AI or just malware being written re-obfuscated and thrown back out there again and again and again and that's just what you're seeing at that level because what we're working at the DNS level you know we're seeing what it's almost 60% this year easily we'll hit 60% of all internet traffic is some kind of bot traffic. And of that bot traffic, you're looking at at least half of that at least is bad
13:56 malicious traffic or all attempts. So 30 plus% of the entire in is being run by thieves, bots, malicious actors, uh vulnerability uh scams. But that's great. So we can log out and nothing happens to the internet. That's right. So um AI is being used to create stuff and and to create more security issues. But Igor, are you also already using AI to create more defenses? Oh yeah, of course. I mean I think we should expect the next two years to be somewhat uh attackers are winning uh
14:27 because uh it will take for everyone to catch up. It will take for people to upgrade. But I am very optimistic. I see that we will be able to catch up on security and then it will be significantly harder for attackers to attack and uh uh software will get more secure to the level uh that uh the number of successful attacks will drop to 10% of what we're seeing today. How's that true for you? I mean we we started as sort of an AI machine
14:58 learning first security company to detect vulnerabilities and as we've gone through sort of the level of the uh changes in how traffic looks like on internet on the internet we're we're now looking sort of traffic management 3.0 like it's a more this is an agentic universe of traffic. Uh the trick is and I love that Aaron mentioned it earlier is finding the intent of the traffic because you're not going to be able to go through you know 1500 you know in January 2000 in February you know 35,000
15:29 at the end of the year vulnerabilities. You need to be able to understand the the patterns that are being created by agents versus what normal humans like all of you guys are doing and how you interact with the website. Because if that's how you interact with the website, the bot will try to do that, but they're just not they're still bots and you know they're there's signatures and tweaks and the way they try to reach out to your website. It could be the best sort of agentic evil bot. Uh but it's going to leave a trail that's different because maybe it'll try to hit
16:01 that login box too quickly or uh or so. So it's a cat and mouse game of of improving that thing. Um Aaron, how is this working at Monarx? Are you using AI to Absolutely. I I mean to to be able to process the amount of of data that I'm talking about us us pulling through and and really make sense of it and be able to um put it back to use to to protect all of our customers. Um we're absolutely using AI for that. One of the things that I find important to bring up
16:32 every time I say that though is that um it's not just like AI out there running and doing its own thing. It also requires that expert team steering it constantly. What like the more I've worked with it over the last like six or eight months especially and really dug in dug in deep with our team um the more I'm realizing that AI is fantastic as long as you are keeping it steered correctly on the path and saying yes find me more of this kind of behavior so that we can recognize it earlier. No,
17:05 ignore that kind of behavior. Um, but it's it's extremely powerful in turning that helping us turn that data into those behaviors that we want to be able to recognize um, in order to find those those bad actors that he was talking about before you might have an actual hard signal that they're a bad actor just because of the way they came in or what they're doing or the kinds of things that they're accessing. So Oliver, you're getting in tons of reports that are created by AI. Are you already using AI to to look at those
17:36 reports? So last year we spent quite significant time and actually in partnership with uh Google because we were in the Google AI and cyber security program where we started like we've we've we've run this bug bounty program for 5 years where humans are sending us reports well used to be humans um send us these reports where it's very detailed of like what this new vulnerability looks like it's a PC. This is the data that is not available to anyone else than us. So we started basically building on top of that to create essentially like a
18:09 security researcher that is that has been in our community and basically make an AI version of that. The problem is that every time every every 3 months or something when you get to a point where you know it's doing pretty well then you get a new model and then you're like okay let's start building it again. Uh so that has been kind of like a challenge and I I would see like one problem that has not gone away with AI specifically when it comes to finding new vulnerabilities is it's it's so confident that it's right when it's not and then when security teams have to
18:40 churn through all of this vulnerability information you at one point are you know kind of like I'm going to use AI to find vulnerabilities and it's going to find these vulnerabilities but it's also going to tell you that there's like 1,000 other things that are not vulnerabilities and then you compare to a researcher who was like okay I'm just going to do code review go through the stuff and then just find the real things it's almost like the same amount of work is being done because on one hand you need to do just so much revalidation and when it comes to like kind of like this kind of security vulnerability finding and things like that like the the margin
19:11 of error you are going to have is so slim that that is that is the challenge there but this is definitely you know something that we're working on and honestly speaking that is the only way forward because it is impossible for anyone to do anything manually here to be able to go and kind of like deal with all this volume of vulnerability reports coming in. So it's the volume that's really the volume is too high. It's not possible to have almost any manual interaction in this process. So let's go back a tiny bit. We we've
19:42 talked about attackers using AI, but what does that look like? How do they actually use it? Do we have any idea? I I have a good idea. So it's kind of interesting. So right now we're starting to provide web application firewall for um WordPress and the way we develop rules like within minutes after uh vulnerability being published all you have to do you give old code and new code to AI you have a WordPress instance
20:13 that is set up by AI with all those plugins it will figure out how to it will figure out the vulnerability how to abuse this vulnerability It can create a solution for that patch, web application firewall rule, everything. So all they need is old code, new code and knowledge that there is vulnerability and it's minutes to deliver the I I 100% see this. So like I when I used to run the WordPress security team, one of the things that like I stopped committing code to
20:44 WordPress for a while because it was an indicator that people were using that was like, "Oh, that's probably a security related thing because the head of the security team committed it to the right and so people have always been watching big open-source repositories and that kind of stuff. The fact that they can now have AI say here's the old, here's the new. tell me what in this could be exploited. Um, it makes it so much, it's not that they never did that before, but it's so much easier and
21:16 faster for them now. And so I do think that right now a lot of what we're seeing is the old the the same stuff that we've been dealing with for many, many years, but just amplified and sped up in a way that we've never experienced before. I mean, we could go back 30, 40 years when you had modems and dialing up and demon dialing, trying to get all the phone numbers and then going, you know, dumpster diving for credit card receipts and passwords and now it's the digital version of all that because everything's online. So, everyone's computer is now a dumpster that's ready to be exploited. And then then there's all the uh
21:48 fascinating Well, it's true. And it's all dumpst Yeah. But then you get all these fun like now pro uh prompt injection attacks where people are, you know, I'm just going to attach my calendar to whatever uh LLM and have some fun with it. And then some questions going to come in and my local LLM will automatically answer that. And in that answer is all of a sudden an exploit and a package delivered and now everyone's computer becomes another bot that is attacking all of our systems and services. So it the breadth of it. So there's the volume, the speed, but also
22:19 the breadth of being able to uh create all sorts of new and unique kinds of vulnerabilities and exploits. Uh you know, from a geek perspective, it's fascinating because it's like, wow, that's really cool. Wait a minute, that's really bad. And then that's why, sorry, I'm going to interrupt you again, but I mean, that's why you have us all on here because we're attacking at different stages except for CloudLinux. But I mean if we look at there's sort of that network layer, the application layer, the infrastructure layer and the the onion approach to security will always be the best because you're you're trying to knock out as many things at every level.
22:51 So you know you only have to really I think Oliver called that the Swiss cheese approach to security. It's actually not called by me but I think someone else called it this way but it's very good example. Yeah. Um something I want like uh this approach that you were talking about like you know comparing the diffs for example. So this is exactly the way how exploits are being done. So this is exactly the way why like this you know the the time to attack is so short because that's what we but what has been done uh for the past I don't know few years already as well. Now it's just like writing this exploit is also a lot
23:22 easier and kind of like deploying the attacks. But uh but something yeah like uh we we've been monitoring the same way like all these diffs. Uh but something that I see is changing the attack surface quite a lot and specifically in in terms of like WordPress is agencies are just like now vibe coding like 30% of the WordPress site is vibe-coded there's like Node.js infused to WordPress, React, all kinds of stuff is being infused there Laravel is being basically put together
23:53 there as well so it's like if you're looking at WordPress vulnerabilities um and if you're kind of like just focused on that which we have been for a while then it's all it's going to be basically impossible to to secure a WordPress site at the point because WordPress is now going to merge with so much of the other stuff and that actually increas like the attack surface is being increased significantly um like even if we look into like some of those AI generated plugins like we've been looking into them the amount of dependencies that are being nested inside of these plugins is significantly
24:26 higher I mean but it makes sense right AI is trained on open source code and if you look into open source code it's all like you know basically dependencies all all over the place. So all your customers are paying you guys to deal with this stuff and then the security reports end up back in open source repositories where an open source maintainer has to take care of of that security report. And one of the things I mentioned this morning on our opening panel is I think the funding of that is a real big problem because the amount of things coming in is causing a well
24:58 basically a lot of work for open source maintainers. Do you think there's a responsibility for you your customers to start funding some of that security work on the open source projects? Boy, oh boy. We're getting into the land of misery of the commons. Misery of the commons. Yeah. It's where everyone wants to use it. No one wants to pay for it. Yeah. No, I I I fully agree. But but do you think that I mean I think the problem will be solved differently. I think uh within the next
25:31 6 to 9 months we will see models improving a little bit more. But more importantly, we will have skills, rules, etc. for models on how to analyze the code for security vulnerabilities and fix it. And the cost of those fixes will drop. so much uh that you'll have two kind of maintainers. Those that maintainers who are in denial and will say I'm not using AI, I'm better and you should never use their code again. And those who are using AI and their code
26:03 will go through all those checks, safety checks, etc. Uh that counteracts what hackers are doing with the same AI to detect the vulnerability. So like do I have this vulnerability? Do I have this? Do I have this? They have this fix it, fix it, fix it, fix it. And it will be costing us 50 cents per plugin and we will find a way to sponsor it. It will not be significant amount of money. It's I mean open source is you know free as in beer not as in speech. So you get to have that stuff out there but doesn't mean
26:35 that u that money magically comes back to open source. I it's just the case. Every open source project has this issue. uh unless there's you know some kind of lead company that's you know pushing and you saw that with Linux uh you don't have that without you know IBM and all those other folks who uh are putting that money in because they're protecting their own assets. So, you know, with WordPress, you you have a few uh companies that are, you know, spearheading that. You have that with Drupal. You have that with a lot of projects. And it's kind of
27:06 if your entire business model is based on WordPress, you're pretty likely contributing to it one way or another. Um it it's it's almost hard not to. Whether you give that money directly to the foundation, for example, that's maybe a different story. And I think it more to Igor's point that it's got to be somehow that that pain needs to be spread out in different ways. Yeah. In a very idealistic way, I think that while while obviously my job, my company, like that's it, that's all
27:37 because the web is kind of a a a dangerous and and um I don't know constantly attacked place. But I I want to see because all of us, not just us that are super into tech, but just people in general, our lives are more and more and more online and our data is more and more online. So the it the idealistic bit of let's improve security everywhere we can all across the web like that's part of why I do what I do
28:09 because I think that that's great and the areas that I can make the biggest difference in right now are the biggest hosts that help the most people right and and that's that's my path in if I can find a solid path into helping open source projects solve those problems too I would I would happily Um, but I think that for me it's not just open-source versus not. It's how can I help make the internet a cleaner, better place and where can I be most effective with that at the moment. Yeah, I would not expect any project be
28:42 able to handle you know zero-second exploits. It's it's just not going to be possible. Um, because so you need a security layer. I mean I we have about two minutes left and I want to actually try and get out of each and everyone four of you one tip for like what should people do to improve their security stance in the next year. What is really changed that they that they should act on uh spend resources on it. A lot of folks are like okay I did this you know two years ago my my security is up to date. It is completely changed and we're all
29:13 here to tell you that the volume the types of exploits uh you know how how can you manage real intent uh are are critical. So look at all the layers and address all the layers. I that I think key thing address all the layers. Igor? I mean you you simply cannot run unprotected today. I think you will not be able to run for at least two years unprotected. I don't think you should have run unprotected before and you
29:44 should not run protected later but for the next two years it will be it will be bloody. It will be bloody bloody. That's a good point. I think also there's a lot of people like companies which just like don't want to think about security and I think they should just find someone who does. uh like if you don't want to think about it and it feels like something that is like confusing and it's like too much just find someone that does the thinking for you. uh just don't leave it as something that you're like no you know
30:15 so so it turns out to be a human problem not a I I honestly speak think that security is a human problem and it's going to be even a bigger problem in the future when like we talked in the panel opening panel today about like this cognitive decline of people uh with you know basically not thinking anymore because they let everything done by AI um and I think we are becoming more prone to scams we are becoming more prone to everything ultimately, you know, someone is going to take advantage of that. Very good. I I think that Robert pretty much hit it
30:47 on the the head, right? Give it focus, give it time, give it resources because it really is necessary and it is changing so much. What what you did that was working before probably isn't now. So, you should give it some some time and focus and and figure out if what what you need to do next. Okay, with that, we've come to the end of our time. I want to ask you to join me and have a warm applause for these