Who Will AI Help More—Attackers or Defenders?

A look at who will benefit most from AI in the cat and mouse game of security

There’s frequent discussion now about how AI will help hackers do X and Y. Phishing and BEC scams are at the top of the list.

And there’s also lots of talk about AI helping with static code analysis, SOC operations, and lots of other defense-oriented use cases.

So which side will benefit more? Red or Blue?

Here’s my (current) answer.

Red first, then blue

My answer is somewhat simple: AI will most help the attacker side first, and then it will help defenders more in the long-term.

Here’s how I arrive at that conclusion.

  1. 👀 Continous Intelligent Monitoring and Analysis: Doing security at scale requires software. There are too many events and policies and constantly-evolving situations to handle things properly using just humans. And even SIEMs put most of the burden on the human analyst. To protect an organization and do business much better than we do today, we need to be able to see and understand as much as possible about our company all at once. To accomplish this, software is moving from static queries and databases to a context-based, LLM-based approach that I describe in my SPQA architecture. In short, the more context we have about the organization we’re defending the better we can defend it.

  2. ⚔️When We Lack Context, Attackers Win: In the early days of AI, attackers will be able to use AI to automate attacks while defenders still lack context about their environment. They don’t have AI deployed yet that understands their networks, their applications, their users, and their company’s policies. I expect this to last 3-5 years, even for the fastest-moving organizations. The AI/LLM tech simply isn’t there yet to be able to parse and understand the complexity of an environment.

  3. 🛡️Once Blue Catches Up, Their Internal Context Gives Them the Edge: But once that happens, i.e., once AI is aware of the perimeter, the apps, the users, the codebases, and the posture that the company is working to maintain, that’s when the advantage switches to the defender. Attackers won’t have access to that updated context the way the internal teams will, so they’ll always be behind. But keep in mind, that will only apply when they’re attacking targets that have fully context aware AI systems helping to defend. Where that’s not the case the advantage goes back to the attacker.

Context wins

Basically whoever can see the most about the target, and can hold that picture in their mind the best, will be best at finding the vulnerabilities the fastest and taking advantage of them. Or, as the defender, applying patches or mitigations the fastest.

And if you’re on the inside you know what the applications do. You know what’s important and what isn’t. And you can use all that internal knowledge to fix things—hopefully before the baddies take advantage.

Summary and prediction

  1. Attackers will have the advantage for 3-5 years. For less-advanced defender teams, this will take much longer.

  2. After that point, AI/SPQA will have the additional internal context to give Defenders the advantage. 

LLM tech is nowhere near ready to handle the context of an entire company right now. That’s why this will take 3-5 years for true AI-enabled Blue to become a thing.

And in the meantime, Red will be able to use publicly-available context from OSINT, Recon, etc. to power their attacks.


  1. The 3-5 year thing is a range and a guess, obviously. AI defending is starting already, and many aspects will take 10 years or more to fully blossom. But I think 3-5 is a good range for where Blue will retake the AI advantage from Red in the most savvy organizations.