Defense at Machine Speed: The Emerging Architecture Powering AI-Native Cybersecurity
Defense at Machine Speed: The Emerging Architecture Powering AI-Native Cybersecurity
Publish Date: 2026-07-14 11:04:00
Source Domain: menlovc.com
Using an unordered list, summarize the following article with between 4 and 8 key points.
Over the last six months, it seems like every security-oriented conversation has distilled down into one core question: What happens to defense when attackers automate everything?
The backdrop is well-known. Adversaries are now doing at machine-speed and machine-scale what defenders still do by hand. The teams adopting AI defenses are compounding their advantage every week. The teams waiting are falling behind in a way that gets harder to reverse with each passing month.
Evan Reiser, founder and CEO of Abnormal AI*, recently framed the stakes at our 2026 AI Cyber Summit: Every small win a security team captures with AI frees up capacity to capture the next one. That is a positive spiral, but the inverse is also true. Wait too long and the gap becomes impossible to close. As Evan put it:
Civilization has never been at a point where the compounding cost of getting ahead or behind on a technology is this extreme.”
Evidently, we are in a period of discontinuous change, and most security systems in production today were simply not built for it. The window to rebuild is open, but it won’t stay that way for long. The defense that walks through it will be distinct from the stack most enterprises run today.
What’s Changed
For 30 years, security was a tug of war between human attackers and human defenders, mediated by tools. AI breaks that symmetry by handing attackers three things at once: speed, scale, and sophistication. A single operator can now run thousands of personalized social engineering campaigns, each tuned to its target, each indistinguishable from legitimate activity. The first largely AI-orchestrated nation-state intrusions are already on the record.
The deeper shift is in what attackers go after. The majority of cybercrime no longer comes from software vulnerabilities, but rather from trusted identities doing untrustworthy things: social engineering, account compromise, insider abuse, etc. You cannot patch your way out of that, because nothing is technically broken. A real person, or a real credential, is simply being used against you.
Now, multiply it. Enterprises are about to operate not hundreds of human identities, but tens of thousands of agent identities, each acting, transacting, and communicating on a person’s behalf. Those agents will generate their own behaviors that no one explicitly programmed. The volume of email, messages, and actions originating from software rather than people is already climbing faster than anyone is tracking it. The attack surface is no longer your network; it’s the behavior of every identity—human and machine—operating inside your business.
Human-led defense cannot keep pace with this, and not because defenders aren’t good enough. The problem now demands superhuman perception to see and superhuman speed to act. That’s not a staffing problem; it’s an architecture problem.
The Architecture: Three Layers
We believe the AI-era defense stack resolves into three layers. They are complementary, with each layer relying on the one before it: a behavioral context engine to understand, autonomous agents to act, and continuous validation to keep the whole system honest.
1. The Behavioral Context Engine: Establishing the Baseline
You can’t defend what you don’t understand. The first and most critical layer is a system that learns what normal looks like for every identity in your business, then detects the moment behavior departs from it. Understand normal → detect what’s abnormal → respond autonomously. That loop serves as the foundation for everything else to be built and calibrated on.
This is harder than it sounds, and it’s where we believe durable advantage can live. Building a baseline of “correct” behavior requires deep, privileged access to the data that reveals how a business actually works: email, calendar, chat, identity directories, and, increasingly, the AI applications employees use. Whoever earns access to that data and can turn it into an accurate, dynamic behavioral model earns an advantage competitors can’t easily replicate. Attackers have AI, too—what they don’t have is your context.
Abnormal AI was an early pioneer of this loop. By starting in email (the channel where most identity-based attacks land), it sees the raw material of normal behavior: who talks to whom, how money moves, what a routine request looks like, etc. Effectively, Abnormal’s behavioral model enables them to stop attacks that signature- and rule-based tools never see, because the attack carries no malware and breaks no software; it is only a trusted identity behaving abnormally. The premise is almost unfair to the attacker: To get through, attackers have to look normal every single time, and they can’t. Abnormal reports detection that is orders-of-magnitude more accurate and faster than human-led review, at a cost structure that makes machine-speed defense economical rather than aspirational. Today, more than 30% of the Fortune 500 relies on it for autonomous, mission-critical security decisions.
What makes this a foundation rather than just a feature is its generality. Email was the first, most natural application of the behavioral engine, but it won’t be the last. In time, the behavioral engine becomes the connective tissue across every place an enterprise needs to be secured.
2. Autonomous Response: Tackling the Last Bottleneck
Context alone is necessary, but not sufficient. When attacks land in seconds, an alert sitting in a human queue is already a loss. The math is brutal: The average security operations team faces thousands of alerts a day and can meaningfully investigate only a few dozen. Everything else goes unexamined, and attackers know it. The second layer of AI-native cyber architecture closes that gap with autonomous agents that investigate and respond on their own, using the same tools and judgment a skilled analyst would, without the drag of a human in the loop for every decision.
Consider vulnerability management: Enterprises track hundreds of thousands of vulnerabilities but can remediate only a fraction, and the gap between disclosure and exploitation has collapsed to hours. Zafran*, for example, released their AI remediation offering to work out which vulnerabilities are genuinely exploitable given the controls a company already runs, then acts on them—assessing impact, mapping dependencies, and coordinating the fix across systems. Work that once sat in a queue for weeks gets resolved automatically. On its own, SOCs get the benefit of faster remediation; sitting atop a behavioral engine, it becomes a closed loop.
3. Continuous Validation: Keep Your Defenses Honest
The third layer answers a question every security leader should be asking in an AI world: How does my defense learn from each attack, such that it improves on its own? Most security improves in discrete jumps: configured, audited periodically, and otherwise left in place. As attackers refine their own methods, defenses must find a way to keep up in lockstep.
Security validation works best from two sides. From the inside, Obsidian* checks whether an organization’s own posture still holds, continuously confirming that app configurations, access, and third-party integrations are what they should be and surfacing drift as it happens rather than at the next audit. From the outside, Armadin* is building what it calls the “ultimate attacker”: a swarm of AI agents that continuously reason, plan, and adapt like the most advanced human adversaries, pressure-testing an organization’s defenses before a real attacker can. Instead of an occasional exercise, validation becomes a constant feedback loop that surfaces what can actually be exploited and hardens defense against it. When the offense never stops improving, the testing of your defense can’t stop either; continuous validation is how the first two layers stay trustworthy as the threats underneath them evolve.
Why This Is Bigger Than Security
The stakes here run well past traditional CISO budgets. The money in cloud infrastructure is enormous; the money in AI-driven digital labor will dwarf it. Over the next decade, enterprises will spend on the order of trillions of dollars augmenting and replacing knowledge work with AI agents. A bank will not run 5,000 agents. It’ll run 5,000,000.
No board will authorize that transition without a way to guarantee those agents behave. When an autonomous agent can move money, grant access, or send a message in a customer’s name, the enterprise needs something that monitors the behavior of its entire digital workforce—human and non-human alike—and intervenes the moment an identity does something it shouldn’t. The same behavioral lens has to cover the agents themselves. Cequence* governs what an agent can actually do, down to the individual tool call, such that any agent that strays from its job is caught in the act. And in the same way enterprises have always preferred an independent third party to watch over their core systems, they will not trust a model provider to police its own agents. They will want an independent, trusted layer they control.
The Window Is Closing
The drumbeat over the last six months has been consistent: Attacks are more frequent, more sophisticated, and arriving at machine speed. Human-led defense, as the primary line, is ending. The enterprises that accept this early and rebuild around behavioral context, autonomous response, and continuous validation will compound an advantage; those who wait will not be able to buy it back later.
We are investing behind that conviction across all three layers. If you’re building in these spaces, we would love to hear from you.
*Menlo Ventures portfolio company