COMMENTARY: Imagine a chef’s kitchen, where each tool has a specific purpose: a cast-iron pan for the perfect sear, a wok for stir-fry, a sashimi knife for precise sushi cuts. Agentic AI brings the same level of specialization to security, equipping teams with dedicated AI agents, each designed to excel at a specific task.Agentic AI has been applied today across a wide range of security use cases, improving efficiency across security operations as well as security architecture and engineering, upleveling teams to achieve greater outcomes. For example, specialized agents can autonomously assist with threat hunting, surfacing emerging threats faster than traditional methods, generating secure-by-design code, and writing or validating policies.[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]Agentic AI and AI agents, their various applications and how to best secure them, will be a hot topic for the next few days at this year’s RSA Conference, with numerous sessions dedicated to the topic. Discussions will cover the potential of Agentic Al, real-world applications, emerging threats, and top risks.From hype to implementation
As Agentic AI moves from concept to implementation, the spotlight turns to where the rubber meets the road: real-world security challenges. Among its many promising applications, one of the most impactful is in cloud security, accelerating how teams prioritize, and resolve security risks.Cloud security teams are overwhelmed, drowning in a never-ending backlog of cloud misconfigurations, policy violations, and vulnerabilities. The vulnerability management playbook is outdated. The remediation process doesn’t scale.Teams waste too much time just aligning on what needs fixing. Security and DevOps teams are still manually validating findings, analyzing root causes, prioritizing based on actual business context, implementing fixes, QA to test – it never ends.Attackers, armed with AI, now move faster than ever, identifying and exploiting weaknesses in just days. Meanwhile, fixing a critical vulnerability often takes months, involving long quests just to avoid breaking something else. And with the next compliance audit looming, leadership needs to ask: “Why do we still have the same vulnerabilities?”The sheer volume of risks, coupled with the lack of automation, leaves security and DevOps teams chasing one-off tickets without the ability to implement remediation strategies and new policies that address a wider scope of issues and prevent future risks.As an industry, we’ve been winning battles, but losing the war. Agentic AI could change that.Agentic AI use cases for cloud security Agentic AI promises to transform how security teams operate, and in the context of security risk management, lets them break the cycle of long, manual remediation and implement a proactive, scalable, and repeatable program.Here are some practical ways teams can apply Agentic AI:Context-aware risk prioritization: Evaluate multiple factors such as exploitability, runtime presence, internet exposure, existing mitigating controls, and business criticality. Remediation impact simulation: Simulate the implementation of patches, package updates, IaC, and code fixes to identify high-impact, low-effort solutions. Root cause analysis: Pinpoint the origin of an issue, tracing it back to the asset, lines of code, IaC tool, and DevOps owner. Code generation: Generate replacement code in IaC based on the organization’s infrastructure and policies. Identify mitigation options: Analyze cloud security services and guardrails to detect available mitigation measures to reduce the severity of risks. While full auto-remediation will take a bit more time to develop, Agentic AI gets security and DevOps 90% of the way there. It promises to dramatically reduce the burden and operational toil our teams have traditionally faced to get tickets closed and issues resolved.Agentic AI lets security teams approach remediation and risk management in a completely new way. Instead of reacting to risks one-by-one and researching individual fixes, security teams can leverage Agentic AI to analyze all available tools, assess their impact and effectiveness, and implement high-impact changes that reduce both risk exposure and backlog.It’s a shift in mindset: from asking “how many risks do we have?” to “how many risks can we eliminate with a single tool?”While different AI Agents specialize and excel in their individual domain, one analyzing root cause, another de-duplicating and correlating findings, another evaluating business impact, and a fourth checking policy alignment, they can also work collaboratively as a system. The agents share context and insights with one another to identify the most effective remediation paths.Risk remediation isn’t a challenge humans can tackle alone. Fortunately, we don’t have to face it all without help. Agentic AI can pave the way for security teams to efficiently manage risk exposure in today’s complex, hybrid, and multi-cloud environments.Snir Ben Shimol, co-founder and CEO, Zest SecuritySC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
As Agentic AI moves from concept to implementation, the spotlight turns to where the rubber meets the road: real-world security challenges. Among its many promising applications, one of the most impactful is in cloud security, accelerating how teams prioritize, and resolve security risks.Cloud security teams are overwhelmed, drowning in a never-ending backlog of cloud misconfigurations, policy violations, and vulnerabilities. The vulnerability management playbook is outdated. The remediation process doesn’t scale.Teams waste too much time just aligning on what needs fixing. Security and DevOps teams are still manually validating findings, analyzing root causes, prioritizing based on actual business context, implementing fixes, QA to test – it never ends.Attackers, armed with AI, now move faster than ever, identifying and exploiting weaknesses in just days. Meanwhile, fixing a critical vulnerability often takes months, involving long quests just to avoid breaking something else. And with the next compliance audit looming, leadership needs to ask: “Why do we still have the same vulnerabilities?”The sheer volume of risks, coupled with the lack of automation, leaves security and DevOps teams chasing one-off tickets without the ability to implement remediation strategies and new policies that address a wider scope of issues and prevent future risks.As an industry, we’ve been winning battles, but losing the war. Agentic AI could change that.Agentic AI use cases for cloud security Agentic AI promises to transform how security teams operate, and in the context of security risk management, lets them break the cycle of long, manual remediation and implement a proactive, scalable, and repeatable program.Here are some practical ways teams can apply Agentic AI:
