Outsmarting AI-powered cyber attacks: Endpoint defense for 2025




Adversaries are unleashing new tradecraft to exploit any weakness they can find in endpoints, relying on generative AI (gen AI) to create new attack weapons of choice.

What’s troubling is how fast their arsenals are growing. That’s evident in the speed and scale of phishing campaigns, deepfake videos, and social engineering attacks. Over 67% of phishing attacks relied on AI last year, and 61% of security leaders are seeing phishing campaigns created at scale with AI chatbots attacking their organizations. Deloitte predicts deepfake-related losses will soar to $40 billion by 2027, growing at a 32% compound annual growth rate.

Cybersecurity teams who have successfully battled endpoint attacks tell VentureBeat it’s common for adversaries to perform reconnaissance months in advance of an attack to identify weaknesses in endpoints.  

All it takes is a quick phone call to the internal service desk for a password or MFA reset at the right time, and they’re in.

Endpoints facing an onslaught of new AI-based attacks 

Adversaries are prioritizing and fast-tracking attacks on endpoints using every available source of automation to scale their efforts, with gen AI and machine learning (ML) being the core attack technologies of choice.

Financial services, healthcare, manufacturing, distributors, and core businesses in complex supply chains are the primary targets. Creating chaos in a financial services supply chain is a ransomware multiplier.

“Because of the nature of our business, we face some of the most advanced and persistent cyber threats out there,” Katherine Mowen, The Rate Companies’ SVP of information security, told VentureBeat in a recent interview. “We saw others in the mortgage industry getting breached, so we needed to ensure it didn’t happen to us. I think that what we’re doing right now is fighting AI with AI.”

Adversaries’ AI-based weapons are getting so advanced that a breach could be going on for months without an organization’s security team seeing it. The average time it takes to identify and contain a breach is 277 days, with 176 days to recognize it and 82 days to contain it, based on IBM’s latest Cost of a Data Breach Report. Weaponized AI is making it harder for enterprises to close that gap.

“If you’ve got adversaries breaking out in two minutes, and it takes you a day to ingest data and another day to run a search, how can you possibly hope to keep up with an adversary like that?” Elia Zaitsev, chief technology officer at CrowdStrike, told VentureBeat recently.

One in three organizations doesn’t have a documented strategy for defending against AI and gen AI threats. Ivanti’s 2024 State of Cybersecurity Report found that 89% of CISOs and senior IT leaders believe AI-powered threats are just getting started.

The majority of security leaders, 60%, fear their organizations are not prepared to defend against AI-powered threats and attacks. Ivanti’s research found that phishing, software vulnerabilities, ransomware attacks, and API-related vulnerabilities are the four most common threats. It’s no coincidence that these four methods are seeing their greatest gains from gen AI.

Endpoint protection urgently needs more speed

“The adversary is getting faster, and leveraging AI technology is a part of that. Leveraging automation is also a part of that, but entering these new security domains is another significant factor, and that’s made not only modern attackers but also modern attack campaigns much quicker,” Zaitsev says.

Etay Maor, chief security strategist at Cato Networks, noted during a recent VentureBeat interview that Cato Networks is already seeing cases “where attackers are trying to circumvent AI-based systems by giving them prompt injections, or not necessarily prompt[s], but injecting information into the AI system and trying to convince it that what it’s looking at is not malicious, but rather benign.”

Maor continued, “We participate and monitor in different underground forums and see hundreds of AI applications popping up. I think organizations don’t realize what is happening on their network, and the big headache will be once we see the malicious ones slip through the cracks.”

“Every day we identify about one and a half million brand new attacks that have never been seen until now,” said Shailesh Rao, president of Palo Alto Networks’ Cortex division. “The attacks are becoming so sophisticated, the needle changes billions of times a day. Would you rather write rules or apply machine learning to all this data?”

Vasu Jakkal, corporate vice president, security, compliance and identity at Microsoft, painted an even starker picture in an interview with VentureBeat. “Three years back in 2021, we saw 567 identity-related attacks, which were password-related; that’s many attacks per second. Today, that number is 7,000 password attacks per second and over 1,500 tracked threat actors.”

Four areas where every endpoint provider needs to excel with AI in 2025  

Endpoint, identity, and multi-domain attacks are dominating the enterprise threatscape today, fueled in part by new tradecraft invented using gen AI.

Endpoint providers need to make progress on data ingestion, incident prioritization, automating triage and response, and improving attack path analysis. Leading endpoint providers delivering AI-based endpoint protection platforms include Cato Networks, Cisco, CrowdStrike, Microsoft, Palo Alto Networks, SentinelOne, Trend Micro, and Zscaler, with CrowdStrike using AI and ML as core components of its strategy since its founding in 2011.

Here are four key areas every vendor needs to take action on this year:

Speeding up data ingestion and normalization: AI helps endpoint vendors quickly parse logs from endpoints, SaaS apps, and on-premise servers, mapping data to a universal schema. This has the potential to cut analysis time from days to minutes.

Improving incident identification and follow-on actions: AI-powered correlation engines sift through millions of alerts, narrowing them to a few high-value leads using time-series data, IOAs, and custom models to prioritize the most critical incidents.

Accelerating how the endpoint platform triages and responds to intrusion attempts: AI-driven tools assist with advanced searches, generate remediation scripts, and reduce manual forensics time from hours to minutes. Pre-built playbooks enable quick actions, such as isolating endpoints or blocking malicious IPs.

Enabling a more proactive posture and improving attack path analysis: AI identifies likely intrusion routes by combining threat intelligence, vulnerabilities, user permissions, and network data, and then recommends targeted fixes to block multiple attack paths.

A playbook for 2025: 12 must-dos to close the AI gaps in endpoint security

Battling AI attacks with AI needs to start at a more strategic level than it currently does in many organizations. It goes beyond overloading endpoints with yet another agent, or requiring users to authenticate across multiple identity management systems. AI needs to be at the very core of the cybersecurity stack.

The following 12 must-dos form a pragmatic playbook for 2025, covering the key technologies, processes, and cultural shifts necessary to close the widening gaps in endpoint security.

  • SASE or SSE adoption: Adopt a converged SASE or SSE approach that blends zero trust with your network, endpoint, and identity data. Let AI monitor everything in real time so you don’t miss threats that siloed tools can’t see.
  • Semantic data modeling for unified visibility: Standardize logs across the cloud, endpoints, and identity systems into one model. Let AI parse and normalize the data so your team gets the full picture fast.
  • AI-based triage and playbooks: Use an XDR or similar system aligned with zero trust to reduce dwell times. AI-driven playbooks help orchestrate responses in minutes, not days.
  • Signal-like engines for threat prioritization: Correlate data across your zero-trust architecture to catch stealthy threats. AI can help surface suspicious patterns so you can focus on real problems first.
  • Identity threat prevention: Lean on zero-trust principles for real-time posture checks and privilege analytics. AI blocks attackers who try to pivot with stolen credentials or tokens.
  • Proactive hardening via attack path analysis: Enforce zero trust from the start to limit lateral movement. AI pinpoints the fewest fixes that block multiple paths in one pass.
  • Explainable AI and governance: Trace every AI-driven decision so your board and regulators trust it. Zero trust means no black boxes. Maintain visibility into AI’s logic.
  • Use specialized AI over generic models: Train models on real attacker tactics within a zero-trust framework. You’ll see fewer false positives and more accurate detection.
  • Continuous model tuning and dataset refreshes: Update AI models regularly to keep up with evolving threats. Zero trust is dynamic, so your data pipelines should be, too.
  • Human-in-the-loop validation: Even with zero-trust automation, human insight matters. Analysts refine AI findings to catch nuanced threats and cut down on false alarms.
  • Automated incident response orchestration: Integrate AI playbooks with zero-trust checks across endpoints, firewalls and identity. Once vetted, responses propagate instantly.
  • End-to-end zero-trust integration: Verify at each step of the kill chain. Combining AI detection with strict access controls forces attackers to overcome fresh barriers at every turn.
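
The attack path analysis item above (finding the fewest fixes that block multiple paths) can be made concrete with a small defender-side sketch. This is an added example, not code from the article or from any vendor it names; the asset names and weaknesses are constructed, and it uses exhaustive search over a tiny graph rather than an AI model.

```python
from itertools import combinations

# Constructed sample environment: (source, target, weakness that enables the hop).
EDGES = [
    ("internet", "laptop-17", "no-mfa-on-vpn"),
    ("internet", "helpdesk", "unverified-password-reset"),
    ("helpdesk", "laptop-17", "unverified-password-reset"),
    ("laptop-17", "file-server", "local-admin-reuse"),
    ("laptop-17", "build-server", "stale-service-token"),
    ("build-server", "domain-controller", "unpatched-build-agent"),
    ("file-server", "domain-controller", "local-admin-reuse"),
    ("helpdesk", "domain-controller", "overprivileged-helpdesk-role"),
]

def attack_paths(edges, entry, target):
    """Enumerate simple paths entry -> target; return the weaknesses each path depends on."""
    graph = {}
    for src, dst, weakness in edges:
        graph.setdefault(src, []).append((dst, weakness))
    paths = []

    def walk(node, seen, used):
        if node == target:
            paths.append(frozenset(used))
            return
        for dst, weakness in graph.get(node, []):
            if dst not in seen:  # skip cycles
                walk(dst, seen | {dst}, used + [weakness])

    walk(entry, {entry}, [])
    return paths

def fewest_fixes(paths):
    """Smallest set of weaknesses whose remediation breaks every path (exact minimum hitting set)."""
    candidates = sorted(set().union(*paths)) if paths else []
    for size in range(len(candidates) + 1):
        for fixes in combinations(candidates, size):
            if all(path & set(fixes) for path in paths):
                return set(fixes)
    return set()

if __name__ == "__main__":
    found = attack_paths(EDGES, "internet", "domain-controller")
    print(len(found), "paths; remediate first:", sorted(fewest_fixes(found)))
```

On this sample, five distinct paths reach the domain controller, and two remediations (MFA on the VPN and verified service-desk resets) cut all of them.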

Bottom Line

As attackers pivot beyond traditional endpoints, organizations must unify threat data and accelerate their defenses across hybrid infrastructures. This is why many leading vendors need to accelerate their efforts by focusing on AI-driven solutions that handle data ingestion, correlation, and automated response in real time.

The playbook above points the way toward reaching these goals and successfully defending against the AI-based adversarial attacks that are going to not only keep coming, but keep growing in sophistication.


