AI vs. endpoint attacks: What security leaders must know to stay ahead

This article is part of VentureBeat’s special issue, “The cyber resilience playbook: Navigating the new era of threats.” Read more from this special issue here.

Enterprises run the very real risk of losing the AI arms race to adversaries who build phony bots to automate attacks and use large language models (LLMs) to sabotage them.

Adversaries are trading on the credibility of legitimate tools, using generative AI to create malware that has no unique signature and instead relies on fileless execution, making the attacks frequently invisible. Generative AI is also widely used to create large-scale automated phishing campaigns and social engineering, as attackers aim to exploit human vulnerabilities at scale.

In its most recent , Gartner notes that “leaders in the terminal safety business are prioritizing integrated security solutions that unify endpoint detection and response (EDR), extended detection and response (XDR), and identity protection into a single system. This change makes it possible for security teams to minimize richness while enhancing threat visibility.”

The result? A more sophisticated threat environment is moving at machine speed while enterprise defenders rely on outdated tools and methods developed for a different era.

The scale of these problems is staggering. Zscaler’s ThreatLabz reported a nearly 60% year-over-year increase in global phishing attacks, and attributes this increase in part to the development of gen AI-driven methods. Likewise, Ivanti’s found that 74% of businesses are already seeing the impact of AI-powered threats. And nine in 10 managers said they believe that AI-powered threats are just getting started.

“How can you possibly hope to keep up if you have enemies breaking out in two minutes and it takes you a day to absorb information and another day to conduct a search?” Elia Zaitsev, CTO of , noted in a recent interview with VentureBeat.

The new digital arms race: Adversarial AI vs. defensive AI on the endpoint

Adversaries, particularly cybercrime syndicates and nation-state actors, are refining their tradecraft with AI, adding to their arsenals faster than any business can keep up. Gen AI has democratized how adversaries, from rogue attackers to large-scale cyberattack operations, can build new weapons.

“Even if you’re not an expert, general AI can create scripts or phishing emails on your behalf,” George Kurtz, CrowdStrike CEO and founder, said at the recent World Economic Forum in an . “It’s never been easier for opponents. The good news is that if we effectively use AI on the defense part, we stand a very good chance of standing up.”

According to Gartner, “AI-enhanced security tools should be viewed as force multipliers rather than as stand-alone replacements for conventional security measures.” Organizations must make sure that AI-driven solutions integrate effectively with human decision-making in order to reduce risks.

Chief security officer Etay Maor stated to VentureBeat that “adversaries are using AI to blend in with regular networking visitors, making them harder to spot.” He added: “The real problem is that AI-powered assaults are not a single occurrence; they’re a constant process of surveillance, dodging and adaptation.”

Cato outlined in its 2024 how it has expanded its secure access service edge (SASE) cloud platform five times in the past year, including Cato XDR, Cato endpoint protection platform (EPP), Cato managed SASE, Cato digital experience monitoring (DEM), and Cato IoT/OT Security, all of which aim to streamline and unite security capabilities under one platform. “We’re not just taking promote,” said Shlomo Kramer, Cato co-founder and CEO. “We’re redefining how companies connect and secure their operations, as AI and sky change the security environment.”

Unified endpoints and identities are the future of zero trust. Adversaries are quick to capitalize on unchecked agent sprawl, which is made more unreliable by a rise in the number of identities whose data is integral to an endpoint. Attackers have a better chance of winning when they use AI to run reconnaissance at scale.

All these factors, taken together, set the stage for a new era of AI-powered endpoint protection.

AI-powered endpoint security ushers in a new era of unified defense

Traditional approaches to endpoint security (interdomain trust relationships, assumed trust and perimeter-based security designs, to name a few) are no longer enough. If any network’s security is based on assumed or implied trust, it is as good as breached already.

Likewise, relying on static defenses, including antivirus software, perimeter firewalls or, worse, endpoints with dozens of agents loaded on them, leaves an organization just as vulnerable as if it had no cyber defense strategy at all.

According to Gartner, “workplace security risks include identity fraud, phishing, and data eavesdropping.” To address these issues, organizations need a systematic approach to workplace security that places the employee at the center of security and combines security across system, email, identity, data, and application access controls.

Daren Goeson, SVP of integrated terminal administration at Ivanti, underscored the growing problem. “Laptops, laptops, cellphones and IoT products are essential to modern enterprise, but their expanding figures create more possibilities for intruders,” he said. “Severe security threats can be exposed to an unpatched risk or outdated technology. However, as their numbers increase, so do the chances for adversaries to take advantage of them.”

Goeson emphasized the value of unified visibility and AI-powered endpoint management in reducing risk. “AI-powered security devices can analyze vast amounts of data, detecting inconsistencies and predicting threats more quickly and accurately than human analysts,” he said.

Vineet Arora, CTO at , agreed: “AI tools excel at quickly analyzing large data across logs, endpoints and network traffic, spotting simple patterns first. They develop their understanding over time, automatically putting off suspicious activities before serious harm can occur.”

Cato Networks’ recognition as a leader in the further underlines this industry shift, according to Gartner. By combining networking and security features in a single cloud-based platform, Cato enables organizations to address endpoint threats, identity protection, and network security in a single approach, which is crucial at a time when adversaries seek to exploit any visibility gap.

Integrating AI, UEM and zero-trust

Experts concur that AI-powered automation improves , slashing response times, and preventing security gaps. Businesses gain real-time visibility across devices, users, and networks by integrating AI with unified endpoint management (UEM), proactively identifying security gaps before they can be exploited.

“By proactively preventing problems, the strain on IT support is also minimized and employee downtime is drastically reduced,” said Ivanti’s field CISO Mike Riemer.

Arora added that, while AI can automate routine tasks and highlight anomalies, “human analysts are critical for complex decisions that require business context — AI should be a force multiplier, not a standalone replacement.”

To counter these threats, more organizations are relying on AI to strengthen their frameworks. Zero trust is made up of systems that continuously verify each access request while AI actively detects, investigates, and, if necessary, neutralizes each threat in real time. EDR, XDR, and identity protection are integrated into a single, intelligent defense system by advanced security platforms.

“When combined with AI, UEM solutions become even more powerful,” said Goeson. “Large datasets of data are analyzed by AI-powered endpoint security tools to identify anomalies and forecast threats more quickly and accurately than human analysts. With full visibility across devices, users and networks, these tools proactively identify and close security gaps before they can be exploited.”

AI-powered platforms and the growing demand for XDR solutions

Nearly all cybersecurity companies are fast-tracking projects involving AI and gen AI across their roadmaps and DevOps cycles. The goal is to improve threat detection and incident response, lower false positives, and develop platforms that can scale out with full XDR functionality. Vendors in this area include BlackBerry, Bitdefender, Cato Networks, Cisco, CrowdStrike, Deep Instinct, ESET, Fortinet, Ivanti, SentinelOne, Sophos, Trend Micro and Zscaler.

is also pushing a platform-first approach, embedding AI into its security ecosystem. “Security is a data game,” Jeetu Patel, EVP at , told VentureBeat. “If there’s a platform that only does email, that’s interesting. But if there’s a platform that does email and correlates that to the endpoint, to the network packets and the web, that’s far more valuable.”

Nearly every business interviewed by VentureBeat values XDR for unified security telemetry across endpoints, networks, identities, and clouds. XDR improves threat detection by integrating signals, increasing efficiency, and reducing alert fatigue.

Riemer highlighted AI’s defensive shift: “For years, attackers have been utilizing AI to their advantage. However, 2025 will mark a turning point as defenders begin to harness the full potential of AI for cybersecurity purposes.”

Riemer noted that endpoint security is shifting from reactive to proactive. AI is already changing security teams’ ability to identify early warning signs of attacks. With little downtime for employees and no IT support required, AI-powered security tools can identify patterns of device underperformance and automatically perform diagnostics before an issue has an impact on the business.

Arora emphasized: “It’s also crucial for CISOs to assess data handling, privacy and the transparency of AI decision-making before adopting such tools — ensuring they fit both the organization’s compliance requirements and its security strategy.”

Cato’s 2024 rollouts exemplify how advanced SASE platforms integrate threat detection, user access controls, and IoT/OT protection in one service. This consolidation reduces security teams’ workload and supports a true zero-trust strategy, ensuring ongoing verification across devices and networks.

Conclusion: Embracing AI-driven security for a new era of threats

Adversaries are moving at machine speed, using the newest AI to launch targeted phishing campaigns, circumvent traditional defenses and create sophisticated malware. The conclusion is clear: Legacy endpoint security and patchwork solutions are insufficient to shield against threats that were designed to outmaneuver static defenses.

Enterprises must embrace an AI-first strategy that unifies endpoint, identity and network security within a zero-trust framework. The key to identifying and mitigating evolving threats before they cause a full-on breach lies in AI-powered platforms built with real-time telemetry, XDR capabilities, and predictive intelligence.

As Kramer put it, “The era of cobbled-together security solutions is over.” Organizations choosing a SASE platform are positioning themselves to actively combat AI-driven threats. Cato, among other leading providers, underscores that a unified, cloud-native approach that marries AI with zero-trust principles will be pivotal in safeguarding enterprises from the next wave of cyber onslaughts.
