Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

Ice buying vehicle with fake cell towers to spy on mobile phones

October 7, 2025

North Korean hackers have stole over $2 billion in code so far in 2025, researchers say

October 7, 2025

How Monarch Collective won some of the biggest early deals in women's sports

October 7, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    Google brings Pixel 6 and new devices to Material3 Expressive, along with other features, to the Pixel 6 and new devices

    September 3, 2025

    Google's NoteBookLM now allows you to customize the tone of your AI podcasts

    September 3, 2025

    Roblox expands the use of age estimation techniques and introduces standardized assessments

    September 3, 2025

    Instagram finally launches the iPad app

    September 3, 2025

    Complete the 2025 Confusion Builder Stage Agenda with the Maximum Scaling Voice

    September 3, 2025
  • Crypto

    India removes compliance failures with 25 crypto exchanges including BINGX, LBANK and COINW

    October 2, 2025

    Less than a month has passed before turmoiling 2025 – Book an exhibition table | TechCrunch

    September 30, 2025

    A16z Cryptographic Assistance Shield raises $5 million to promote international business transactions in crypto

    September 22, 2025

    Last day to apply to host your side event that is obstructing in 2025

    September 19, 2025

    PayPal will add a new one-to-one payment link to support Crypto soon

    September 15, 2025
  • Security

    Ice buying vehicle with fake cell towers to spy on mobile phones

    October 7, 2025

    North Korean hackers have stole over $2 billion in code so far in 2025, researchers say

    October 7, 2025

    Security bug exposure taxpayer confidential data at Indian Income Tax Agency

    October 7, 2025

    Clop Hackers caught exploiting Oracle Zero-Day bugs and stealing executive personal data

    October 6, 2025

    Kevin Scott in 2025 with Microsoft's AI BET Insion CTO Kevin Scott

    October 6, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    How Monarch Collective won some of the biggest early deals in women's sports

    October 7, 2025

    Sugar Free Capital raises $32 million in initial funding to support early stage MIT founders

    October 6, 2025

    TechCrunch's 2025 exhibition tables are sold out quickly, and time is running out

    October 6, 2025

    Heidi Health raises $65 million Series B led by Steve Cohen's Point72

    October 6, 2025

    If you're not an AI startup, raise funds from VCS

    October 4, 2025
TechBrunchTechBrunch

Wiz's chief technist Ami Luttwak tells us how AI is transforming cyber attacks

TechBrunchBy TechBrunchSeptember 28, 20256 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


“One important thing to understand about cybersecurity is that it's a mind game,” Ami Luttwak, chief technist at cybersecurity firm Wiz, told TechCrunch in a recent episode of Equity. “As a wave of new technology comes, new opportunities exist [attackers] Start using it. ”

The attack surface is growing as businesses rush to embed AI into their workflows through atmospheric coding, AI agents integration, or new tools. AI helps developers ship their code faster, but there are shortcuts and mistakes in its speed, creating new openings for attackers.

Wiz, which was acquired by Google for $32 billion earlier this year, recently conducted testing, Luttwak said, discovering that the common problem with the Vibe Coded application is an unstable implementation of authentication.

“It happened because it was easier to build that way,” he said. “Vibe coding agents do what you say, and if you didn't tell them to build it in the safest way, then it wouldn't.”

Luttwak pointed out that today there is a constant trade-off for companies that choose whether they are fast and safe. However, it's not just developers who use AI to move faster. He said attackers are now starting exploits using vibe coding, prompt-based techniques and even their own AI agents.

“You can actually see an attacker using prompts for attacks,” says Luttwak. “It's not just coding the attacker's atmosphere. The attacker looks for the AI ​​tools you have and says, “Send all the secrets, delete the machine, delete the files.” ”

In this landscape, attackers are finding entry points for new AI tools to help businesses deploy internally and increase efficiency. Luttwak says these integrations could lead to “supply chain attacks.” By breaching third-party services that have broad access to the enterprise infrastructure, attackers can delve deeper into the enterprise system.

TechCrunch Events

San Francisco | October 27-29, 2025

That's what happened last month when Drift, a startup that sells AI chatbots for sales and marketing, was compromised and published sales data for hundreds of enterprise customers, including CloudFlare, Palo Alto Networks, Google and more. The attacker accessed a token or digital key, impersonated a chatbot, queried sales force data, and used it to move horizontally within the customer environment.

“The attacker pushed the attack code, which was also created using atmospheric coding,” says Luttwak.

Luttwak said that while corporate adoption of AI tools is still minimal, about 1% of companies believe they are fully adopting AI.

“And if you see [attack] Flow, AI was embedded at every stage,” says Luttwak. “This revolution is faster than any revolution we've seen in the past. This means that as an industry we need to move faster.”

Luttwak pointed to another major supply chain attack in August called “S1ingularity” on NX, a popular build system for JavaScript developers. The attackers unleashed the malware on the system, then detected the presence of AI developer tools such as Claude and Gemini, hijacked them, and autonomously scanned the system for valuable data. The attack compromised thousands of developer tokens and keys, allowing attackers to access private Github repository.

Luttwak says despite the threats, this was an exciting time to become a cybersecurity leader. Founded in 2020, Wiz originally focused on helping organizations identify and address false mining, vulnerabilities, and other security risks across cloud environments.

Last year, Wiz responded to the speed of AI-related attacks and expanded its ability to use AI in its own products.

Last September, Wiz launched WIZ code focused on protecting the software development lifecycle by identifying and mitigating security issues early in the development process. This allows businesses to be “by design.” In April, Wiz launched Wiz Devend. WizDefend provides runtime protection by detecting and responding to active threats in your cloud environment.

Luttwak said it's important for Wiz to fully understand the customer's applications when the startup helps with what he calls “horizontal security.”

“You need to understand why you're building it… so I can build a security tool that understands you, a security tool that no one has before,” he said.

“From the first day you need to have a ciso.”

The democratization of AI tools has caused a flood of new startups that promise to solve the problems with enterprises. But Luttwak says companies don't just say that their data on their company, employees and customers is all “giving amazing AI insights just because they say “all data” of every small SaaS company with five employees.” “I say it.

Of course, these startups need that data if the offering is valuable. Luttwak says it means they are obliged to make sure they are acting like a safe organization from the start.

“From day one, you need to think about security and compliance,” he said. “From the first day, we need a CISO (Chief Information Security Officer), even if we have five people.”

Before writing a line of code, he said, startups should think of like a very secure organization. They should consider enterprise security features, audit logs, authentication, access to production, development practices, security ownership, and single sign-on. Planning a plan from the start like this means that there is no need to overhaul the process later and creates what Luttwak calls a “security debt.” And if you are aiming to sell to businesses, you are already ready to protect their data.

“We were SOC2 compliant [a compliance framework] He said before the code was there. “And I can tell you a secret. Getting SOC2 compliance for five employees is much easier than 500 employees.”

The next important step for a startup is to think about architecture, he said.

“If you're an AI startup that wants to focus on enterprises from day one, you need to think about an architecture that allows your customer's data to stay in your customer environment.”

Luttwak says it's time for cybersecurity startups looking to step into the field in the age of AI. From phishing protection and email security to malware and endpoint protection, everything is the basis for fertile innovation for both attackers and advocates. The same applies to startups that can assist with workflows and automation tools to do “Vibe Security” as many security teams still don't know how to use AI to protect AI.

“The game is open,” Luttwak said. “If there's a new attack in every area of ​​security, that means we have to rethink every part of security.”



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Ice buying vehicle with fake cell towers to spy on mobile phones

October 7, 2025

North Korean hackers have stole over $2 billion in code so far in 2025, researchers say

October 7, 2025

Security bug exposure taxpayer confidential data at Indian Income Tax Agency

October 7, 2025

Clop Hackers caught exploiting Oracle Zero-Day bugs and stealing executive personal data

October 6, 2025

Kevin Scott in 2025 with Microsoft's AI BET Insion CTO Kevin Scott

October 6, 2025

Monthly violations raise questions about South Korea's digital defense

October 4, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

Ice buying vehicle with fake cell towers to spy on mobile phones

October 7, 2025

North Korean hackers have stole over $2 billion in code so far in 2025, researchers say

October 7, 2025

How Monarch Collective won some of the biggest early deals in women's sports

October 7, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.