We present the first comprehensive evaluation of AI agents against human cybersecurity professionals in a live enterprise environment. We evaluate ten cybersecurity professionals alongside six existing AI agents and ARTEMIS, our new agent scaffold, on a large university network consisting of ~8,000 hosts across 12 subnets. ARTEMIS is a multi-agent framework featuring dynamic prompt generation, arbitrary sub-agents, and automatic vulnerability triaging. In our comparative study, ARTEMIS placed second overall, discovering 9 valid vulnerabilities with an 82% valid submission rate and outperforming 9 of 10 human participants. While existing scaffolds such as Codex and CyAgent underperformed relative to most human participants, ARTEMIS demonstrated technical sophistication and submission quality comparable to the strongest participants. We observe that AI agents offer advantages in systematic enumeration, parallel exploitation, and cost -- certain ARTEMIS variants cost $18/hour versus $60/hour for professional penetration testers. We also identify key capability gaps: AI agents exhibit higher false-positive rates and struggle with GUI-based tasks.

Large Language Models (LLMs) have emerged as powerful tools capable of understanding and generating human-like text, offering transformative potential across diverse domains. The Security Operations Center (SOC), responsible for safeguarding digital infrastructure, represents one of these domains. SOCs serve as the frontline of defense in cybersecurity, tasked with continuous monitoring, detection, and response to incidents. However, SOCs face persistent challenges such as high alert volumes, limited resources, high demand for experts with advanced knowledge, delayed response times, and difficulties in leveraging threat intelligence effectively. In this context, LLMs can offer promising solutions by automating log analysis, streamlining triage, improving detection accuracy, and providing the required knowledge in less time. This survey systematically explores the integration of generative AI and more specifically LLMs into SOC workflow, providing a structured perspective on its capabilities, challenges, and future directions. We believe that this survey offers researchers and SOC managers a broad overview of the current state of LLM integration within academic study. To the best of our knowledge, this is the first comprehensive study to examine LLM applications in SOCs in details.

Kurt Knutsson introduces you to EVE, a smart and versatile humanoid robot that uses a modified version of AI and Chat GPT-4 to handle a variety of tasks. Sometimes, we find ourselves in a situation where we urgently need an internet connection, but we are not at home or at work. We might want to do some online tasks, such as checking our email, browsing social media, or streaming our favorite show. However, what if the only available option is a public Wi-Fi network that we are not familiar with? How can we use it safely without exposing our privacy and security?

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware, and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

Cybersecurity professionals are facing an unprecedented threat environment, with record-high numbers of attacks, shortage of qualified staff, and increasing aggression and sophistication from nation-state actors. For many data center cybersecurity managers, the silver bullet for all these problems is artificial intelligence. It promises to allow security teams to handle more threats than ever before, of greater complexity than ever before, with fewer and fewer people. In fact, according to a global survey released this past September by Pillsbury, a global law firm focusing on technology, 49% of executives think artificial intelligence is the best tool to counter nation-state cyber attacks. Pillsbury predicts that cybersecurity-related AI spending will increase at a compound annual growth rate of 24% through 2027 to reach a market value of $46 billion.

Cybercriminals are using these changes to stay one step ahead of us through deceptive tactics, such as malware, phishing schemes, ransomware, credential stuffing and domain hijacking. These strained teams often find themselves drowning in false positives: Organizations, on average, receive 5,000 alerts a day, and cybersecurity professionals can usually only investigate 10 to 20 in a single shift. Through sophisticated algorithms and predictive intelligence, these tools hunt down malware, run pattern recognition, and find and thwart attacks before they can cause damage. As AI and machine learning continue to advance, we should develop capabilities that consider the risk tolerance of individual organizations in assessing activity and threats so teams can work on a finite number of alerts, while maintaining an acceptable level of protection. He holds two Master of Science degrees: one in physics from the Indian Institute of Technology in Kanpur, India, and one in electrical and computer engineering from the University of Texas.