How AI Is Accelerating The Race Between Hackers And Corporate Security Teams
TL;DR
Corelight CEO Brian Dy explains how AI has compressed the vulnerability-to-exploit window from weeks to hours, forcing organizations to shift from perimeter defense to internal network visibility that can precisely trace attack paths and minimize the scope of breach disclosures.
🛡️ The Open-Source Foundation 3 insights
From Academic Tool to Global Standard
Corelight originated as a network analysis utility created by a postdoc at Lawrence Berkeley National Lab, growing over 15 years of National Science Foundation funding into a commercial platform serving 300,000 security professionals.
Elite Customer Profile
Approximately 70% of Corelight’s revenue comes from critical infrastructure, defense departments, and intelligence agencies across the Five Eyes and NATO allies, an unusual top-down market approach for a cybersecurity startup.
Dual-Path Adoption
Customer acquisition splits evenly between organizations already using the open-source Zeek project and 'zero to Zeek' enterprises that adopt the commercial solution after recognizing its use among elite defensive teams.
⚡ AI-Accelerated Threat Landscape 3 insights
Exploit Velocity Collapse
Generative AI has reduced the time between vulnerability disclosure and active exploitation from three weeks to three hours, with one customer enduring 23,000 attacks during a single 72-hour patching window.
Attacker Skill Democratization
AI tools enable less sophisticated threat actors to execute advanced techniques previously limited to nation-states, effectively sedimenting complex attack methods down to entry-level hackers.
The Human Vulnerability
Attackers leverage AI for sophisticated social engineering, including audio and video spoofing, and scrape LinkedIn to target new employees with smishing attacks within 30 days of their hiring announcement.
🔍 Detection and Response Strategy 3 insights
Visibility Inside the Egg
Corelight focuses on detecting anomalous activity after perimeter breaches occur—the 'yolk' rather than the 'shell'—identifying when attackers 'live off the land' using legitimate internal tools to remain stealthy.
Ransomware Negotiation Advantage
Precise attack path tracing allowed one customer to disprove a $10 million ransomware claim by proving attackers accessed only 10% of threatened data, providing board-level confidence to refuse payment.
Minimizing Disclosure Scope
Detailed forensic visibility enables organizations to meet SEC breach notification requirements with ground-truth data, potentially reducing disclosure from tens of thousands of affected individuals to thousands based on actual rather than assumed compromise.
Bottom Line
Organizations must supplement traditional perimeter defenses with AI-powered network detection that provides complete internal visibility, enabling security teams to trace precise attack paths and minimize both financial and reputational damage when breaches inevitably occur.
More from Forbes
View all
Meet The CEO Behind This $90 Million Plan Expanding HBCUs In Private Finance
Marcus Shaw, CEO of Alt Finance, discusses deploying a $90 million, 10-year commitment to diversify private equity and venture capital by training HBCU students through an apprenticeship model that creates a sustainable talent pipeline for alternative investments.
The Future Of Healthcare Is Powered By AI And Companies 'Can't Afford To Wait,' Says Ex-Google Exec
Former Google executive Katie Jacob Stanton explains why vertical AI applications in healthcare represent venture capital's next frontier, emphasizing that successful health tech requires founders with deep clinical domain expertise rather than just technical pedigrees, and warns that companies must balance innovation timing with ruthless capital efficiency to avoid flaming out before markets mature.
The Translator: How This Entrepreneur Found Her Voice In Finance
Nicole Valentine, Senior Director of Fintech at the Milken Institute, discusses her role as a 'translator' between Washington policymakers and financial innovators, exploring how stablecoins, prediction markets, and regulatory modernization are shaping the future of global finance.
Automate The Mundane, Elevate The Human: Inside Publicis Sapient's AI Strategy
Teresa Barrera explains why companies should avoid 'random acts of AI' and instead transform workflows before deploying technology. She details how Publicis Sapient deconstructed work into 900 tasks to let AI handle 80% of tactical work while experts train agents, enabling staff to focus on high-value activities.