Radical Geek field note
Securing the Future: Defending Against AI-Powered Vulnerability Discovery
AI can now find vulnerabilities faster than traditional security processes can respond. Defence needs to move at machine speed too.
Originally published on LinkedIn on 10 April 2026.
The attacker’s kill chain is accelerating. Not incrementally. Exponentially.
Frontier AI models can discover software vulnerabilities with a speed and thoroughness that makes quarterly penetration tests and manual patch cycles look dangerously slow. If attackers can probe at machine speed, defenders cannot operate on calendar speed.
This is not a future problem. It is a now problem.
Continuous Code Auditing
Scheduled code review is no longer enough. Security analysis needs to run inside the development pipeline: every commit, every merge, every deployment.
The models doing this work cannot be treated as glorified static analysers. They need access to architecture, dependencies, tests, and operational context so they can spot risk patterns that rule-based tools may miss.
Secure-by-Design
Auditing existing code is necessary, but the most secure vulnerability is the one never written.
AI-assisted architecture review can catch insecure patterns before implementation. Hardened service templates, standard authentication, input validation, logging, dependency policies, and deployment controls should be built into the service chassis from the start.
Security belongs in the architecture, not only in the review queue.
Supply Chain Security
Modern software sits on towers of dependencies. AI changes the scale of the risk because the same automated analysis that finds a weakness in one library can scan entire ecosystems.
SBOM generation, dependency monitoring, transitive risk analysis, and production-aware scanning need to become routine. Your code may be clean. Your dependency tree probably is not.
Zero Trust and Containment
When discovery accelerates, perimeter thinking collapses. Every service should authenticate every request. Network segments should be isolated. Sessions should be continuously validated. Blast radius matters because compromise cannot be ruled out.
Zero trust is not a product. It is an architectural posture.
Agentic Patch Management
The traditional patch loop is too slow: discover, assess, schedule, test, deploy.
Agentic patch management shortens that loop. The system detects a patch, evaluates risk, runs tests, prepares a change, and can deploy or escalate according to policy. Humans move from manual operators to reviewers of higher-order decisions.
Defending the Defenders
If AI agents are part of the security layer, they are also part of the attack surface.
Prompt injection, malicious inputs, model manipulation, and data exfiltration through tool use all become security concerns. AI security agents need their own boundaries: hardened instructions, source separation, output filtering, least-privilege tools, and observability.
Do not let the shield become another unmonitored service.
Machine-Speed Incident Response
Incident response cannot wait for a human to read an alert, open a ticket, and schedule a meeting for every known scenario.
Well-understood containment actions should be pre-authorised: isolate a service, rotate credentials, block a suspicious range, disable a token, roll back a deployment. Humans should handle judgement, ambiguity, and strategy. The routine moves at the speed of the attack.
The Shift
The organisations that survive AI-powered vulnerability discovery will be those that build defence into every layer: architecture, code, supply chain, deployment, monitoring, and incident response.
The attacker now moves at machine speed. Your defence must too.
Book a Call