* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [Company \& Culture](https://www2.paloaltonetworks.com/blog/category/company-culture/)
* AI in Security --- Ready fo...

# AI in Security --- Ready for Prime Time

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2024%2F01%2Fai-in-security%2F)  
[](https://twitter.com/share?text=AI+in+Security+%E2%80%94+Ready+for+Prime+Time&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2024%2F01%2Fai-in-security%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2024%2F01%2Fai-in-security%2F&title=AI+in+Security+%E2%80%94+Ready+for+Prime+Time&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2024/01/ai-in-security/&ts=markdown)  
\[\](mailto:?subject=AI in Security — Ready for Prime Time)  
Link copied  
By [Dena De Angelo](https://www.paloaltonetworks.com/blog/author/ddeangelo/?ts=markdown "Posts by Dena De Angelo")  
Jan 17, 2024  
6 minutes  
[Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown)  
[Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown)  
[Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)  
[AI](https://www.paloaltonetworks.com/blog/tag/ai/?ts=markdown)  
[AI's Impact in Cybersecurity](https://www.paloaltonetworks.com/blog/tag/ais-impact-in-cybersecurity/?ts=markdown)  
[Cortex XSIAM](https://www.paloaltonetworks.com/blog/tag/cortex-xsiam/?ts=markdown)  
[Interview](https://www.paloaltonetworks.com/blog/tag/interview/?ts=markdown)  
[ML-powered](https://www.paloaltonetworks.com/blog/tag/ml-powered/?ts=markdown)  
![](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/audio-icon.svg)  
Yoni Allon -- Predicting How Attackers Will Use AI  
*00:00* *00:00*  
Volume Slider  
10s 10s  
10s 10s  
Seek Slider

*["AI's Impact in Cybersecurity"](https://www.paloaltonetworks.com/blog/tag/ais-impact-in-cybersecurity/) is a regular blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42 with roles in AI research, product management, consulting, engineering and more. Our objective is to present different viewpoints and predictions on how artificial intelligence is impacting the current threat landscape, how Palo Alto Networks protects itself and its customers, as well as implications for the future of cybersecurity. Yoni Allon, vice president research, chats with David Moulton, director of thought leadership, shares insights on the evolving landscape of AI's role in the security operations center (SOC) and the opportunities and challenges it brings.*

The fusion of artificial intelligence (AI) with cybersecurity has revolutionized the approach to safeguarding our digital lives in ways we are only just beginning to take advantage of en masse -- across most if not all industries, from the novice to the well-seasoned pro. AI is no longer a predictable trope limited to slick Sci-Fi movies and Hugo-award-winning novels.

It's finally ready for prime time and most folks seem ready to dip their proverbial toes in, if only to see what the fuss is all about. Yet, at Palo Alto Networks, earlier nascent iterations of AI have been in use for well over 10 years and continue to adapt and evolve during this neo-Renaissance. The future looks bright, and we're here for it.

## **Adapting to Evolving Threats**

As defenders, we get to utilize the cool tools yet, conversely, so do our adversaries. AI fighting AI is on the horizon, with augmented capabilities for both attackers and defenders. We're just now getting a glimpse of future scenarios as the technology matures. Accordingly, Yoni highlights a significant shift in attacker tactics foreseeing a surge in the use of generative AI by malevolent entities.

This advancement enables the creation of intricate deep fakes and convincing phishing attempts, demanding enhanced vigilance within organizations. Advancements in voice modeling and digital capabilities are creating synthetic versions of authentic humans in ways that challenge the most critical eye and ear. As such, security practitioners need to proactively counter these evolving threats to protect sensitive data and organizational integrity.

Moreover, concerns about AI pollution and data manipulation were also raised during the discussion. Deliberate corruption of datasets by attackers could lead to misleading or malicious content, posing substantial challenges to organizations. To mitigate these risks, a reassessment of data-sharing practices and stringent data leak prevention strategies are imperative. Yoni explains:

*"Any prompt can now become a way to learn new data,* *and it's easier to search on that data using generative AI.* *So, companies will probably change the way they are approaching* *data leak prevention and data sharing as a whole."*

Anticipating changes in security vendor strategies, Yoni suggested a potential return to more precise AI. This shift signifies a renewed focus on accuracy and efficacy in AI models, aiming to better serve the specific needs of customers. The diversification of AI models calls for a strategic reassessment among vendors to address the escalating threats effectively.

## **Metrics and Safeguarding AI Models**

The discussion emphasized the importance of comprehensive metrics in evaluating AI's impact on cybersecurity. While mean time to respond (MTTR) remains a pivotal metric, precision, hit rate, coverage and lift were highlighted as equally critical. These metrics collectively gauge an AI model's effectiveness in detecting threats, highlighting important alerts, and resolving threats, all of which provide a holistic view of its performance.

To that end, safeguarding AI models emerged as a key concern. Yoni stressed the necessity of collaboration between cybersecurity experts and data scientists. Domain experts play a crucial role in ensuring the integrity of data used to train AI models, emphasizing the adage of "garbage in, garbage out." Yoni discusses this important alliance further:

*"I think a key point that a lot of times is missing is that* *AI is not just being done by AI experts in a specific domain.* *When you're looking at how you build a cybersecurity AI model,* *you need to have both cybersecurity people,* *security researchers and a data scientist building that together.* *During that process of building it,* *when you're talking about data issues or data pollution* *or all these kinds of problems, you're expecting the domain expert* *to be able to say, 'this data makes no sense in reality.'* *Somebody's either playing with us, it's simulated data, it's fake data,* *and in that process of validation and training, you make sure* *that the data you put into the model is good.* *So it's a garbage in, garbage out problem. The people building* *those models need to be the gatekeepers of good data* *and then you get good results."*

## **Integration of AI in Personal and Professional Spaces**

Yoni shared insights into his personal and professional integration of AI, showcasing its versatile utility. From aiding decision-making in finance and healthcare to assisting in language-related tasks, AI's pervasive influence across diverse domains became evident.

Additionally, the discussion highlighted the often unnoticed presence of AI in everyday experiences. Whether through network optimizations facilitating internet access or content filtering on social media platforms, AI silently shapes user interactions and experiences.

Addressing misconceptions, Yoni distinguished between AI and machine learning (ML). He emphasized the complexity of AI models, comprising intricate sets of rules, while also stressing adaptability and learning capabilities as defining factors:

*"I'll start by saying that AI and ML generally* *is a set of 'if' statements. It all comes down to if.* *We're using binary computers, that's the way things are.* *I think focusing on whether it's a rule or not, is not the point.* *I think the point should be: Does it behave in a way* *that learns based on new data or is seeing so much data* *that you can't really represent the set of ifs as something* *that you can even comprehend? So, when you're thinking about* *an ML model, even one that's, let's say, classifying bad files,* *it's essentially a very large set of rules, a thousand different rules* *compacted together to become something we call an ML model.* *Is it still rules behind the scenes?* *Potentially, you could describe it as a set of rules.* *They're really, really hard to describe because there's thousands,* *thousands, and thousands of them, and that's true* *for any kind of AI including generative AI."*

The interview with Yoni unveiled crucial insights into the dynamic landscape of AI in cybersecurity, highlighting the pressing need for organizations to adapt to evolving threats, reconsider strategies, and prioritize safeguarding AI models. Collaboration between cybersecurity experts and data scientists has emerged as pivotal in leveraging AI effectively. In other words, AI in an enterprise environment might be viewed as a team sport, with respective roles and responsibilities all working holistically to achieve optimal outcomes.

As the cybersecurity landscape continues to evolve, it's imperative for practitioners to stay agile and proactive in integrating AI strategies that fortify defenses, protect sensitive data, and ensure resilience against emerging threats.

**See how the Cortex platform is putting AI into the hands of defenders. Take the [XSIAM tour](http://www.paloaltonetworks.com/xsiamtour) today.**

*** ** * ** ***

## Related Blogs

### [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### AI in OT Security --- Balancing Industrial Innovation and Cyber Risk](https://www2.paloaltonetworks.com/blog/2024/08/ai-in-ot-security/)

### [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### AI Is Changing Security --- 5 Predictions from Cortex](https://www2.paloaltonetworks.com/blog/2024/01/ai-is-changing-security/)

### [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### AI Provides an Rx for Cybersecurity in Healthcare](https://www2.paloaltonetworks.com/blog/2024/07/ai-provides-an-rx-for-cybersecurity-in-healthcare/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### The Dark Side of AI in Cybersecurity --- AI-Generated Malware](https://www2.paloaltonetworks.com/blog/2024/05/ai-generated-malware/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### AI in Cybersecurity --- A CISO's Perspective](https://www2.paloaltonetworks.com/blog/2024/03/ai-in-cybersecurity-a-cisos-perspective/)

### [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Beyond the Hype --- Where AI Can Shine in Security](https://www2.paloaltonetworks.com/blog/2024/01/where-ai-can-shine-in-security/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language