We present the first comprehensive evaluation of AI agents against human cybersecurity professionals in a live enterprise environment. We evaluate ten cybersecurity professionals alongside six existing AI agents and ARTEMIS, our new agent scaffold, on a large university network consisting of ~8,000 hosts across 12 subnets. ARTEMIS is a multi-agent framework featuring dynamic prompt generation, arbitrary sub-agents, and automatic vulnerability triaging. In our comparative study, ARTEMIS placed second overall, discovering 9 valid vulnerabilities with an 82% valid submission rate and outperforming 9 of 10 human participants. While existing scaffolds such as Codex and CyAgent underperformed relative to most human participants, ARTEMIS demonstrated technical sophistication and submission quality comparable to the strongest participants. We observe that AI agents offer advantages in systematic enumeration, parallel exploitation, and cost -- certain ARTEMIS variants cost $18/hour versus $60/hour for professional penetration testers. We also identify key capability gaps: AI agents exhibit higher false-positive rates and struggle with GUI-based tasks.

Kurt Knutsson introduces you to EVE, a smart and versatile humanoid robot that uses a modified version of AI and Chat GPT-4 to handle a variety of tasks. Sometimes, we find ourselves in a situation where we urgently need an internet connection, but we are not at home or at work. We might want to do some online tasks, such as checking our email, browsing social media, or streaming our favorite show. However, what if the only available option is a public Wi-Fi network that we are not familiar with? How can we use it safely without exposing our privacy and security?

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware, and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data.

Cybersecurity professionals are facing an unprecedented threat environment, with record-high numbers of attacks, shortage of qualified staff, and increasing aggression and sophistication from nation-state actors. For many data center cybersecurity managers, the silver bullet for all these problems is artificial intelligence. It promises to allow security teams to handle more threats than ever before, of greater complexity than ever before, with fewer and fewer people. In fact, according to a global survey released this past September by Pillsbury, a global law firm focusing on technology, 49% of executives think artificial intelligence is the best tool to counter nation-state cyber attacks. Pillsbury predicts that cybersecurity-related AI spending will increase at a compound annual growth rate of 24% through 2027 to reach a market value of $46 billion.

Cybercriminals are using these changes to stay one step ahead of us through deceptive tactics, such as malware, phishing schemes, ransomware, credential stuffing and domain hijacking. These strained teams often find themselves drowning in false positives: Organizations, on average, receive 5,000 alerts a day, and cybersecurity professionals can usually only investigate 10 to 20 in a single shift. Through sophisticated algorithms and predictive intelligence, these tools hunt down malware, run pattern recognition, and find and thwart attacks before they can cause damage. As AI and machine learning continue to advance, we should develop capabilities that consider the risk tolerance of individual organizations in assessing activity and threats so teams can work on a finite number of alerts, while maintaining an acceptable level of protection. He holds two Master of Science degrees: one in physics from the Indian Institute of Technology in Kanpur, India, and one in electrical and computer engineering from the University of Texas.

The goal of artificial intelligence (AI) is to mimic the same intelligence that humans display. While it has many uses, it could be a highly effective way to improve cybersecurity. If AI systems are used in the right way, they could potentially identify new threats, send alerts, and ensure that sensitize data is properly protected. A report from TechRepublic found that it's normal for a midsized company to receive approximately 200,000 cybersecurity alerts a day. This makes it difficult for security teams to effectively manage all threats.