Silicon Employees Spark Agent Warfare: From Response to Autonomous Defense
“In the near future—maybe six months, at most two years—the vast majority of security products we currently use will fail.”
That’s not from a hacker—it’s from AsiaInfo Security CEO Ma Hongjun at the 8th C3 Security Conference.
Sounds alarmist, but when you think about it, it’s pretty terrifying.
Why Will Security Products Fail?
Core reason: attack methods have changed.
Traditional security products protect against “humans.” Attackers use vulnerability scanners, phishing emails, malware—tools designed by people with fixed patterns.
But now, attackers are using AI Agents.
AI Agents aren’t tools—they’re “silicon employees.” They can autonomously discover vulnerabilities, auto-generate phishing pages, adjust attack strategies in real-time—no fixed patterns, no predictable rules.
Traditional rule engines, signature databases, sandbox detection—basically helpless against this “intelligent attack.”
For Example
Traditional phishing: Attacker creates a phishing page with fixed URL and content. Security products blacklist the URL—users are safe.
AI Agent-driven phishing: Agent analyzes target’s social info in real-time, generates personalized phishing content, rotates domains every minute—blacklisting can’t keep up, content detection fails.
This reminds me of 2024’s “AI poisoning” incidents. People used AI to mass-generate fake reviews and news, manipulating online discourse. Defense back then was mainly “post-identification and deletion,” but AI-generated content got increasingly convincing—detection costs skyrocketed.
Now, this “AI confrontation” has escalated—from “content warfare” to “attack-defense warfare.”
Enterprise Security’s Dilemma
Ma Hongjun cited research predicting AI-driven automated attacks will become the primary threat in 2026.
What does this mean? Enterprise security teams aren’t facing “human attackers”—they’re facing “AI attackers.”
Human attackers get tired, make mistakes, have moral boundaries. AI attackers don’t.
They can attack 24/7, target thousands simultaneously, adjust strategies in milliseconds—human security teams can’t cope.
So Ma said: The future is Agent warfare. AI vs. AI, Agent vs. Agent.
How to Build “AI-Native” Security?
The conference introduced “AI-native security.” Here’s what’s interesting.
Traditional security products are “bolted on”—business system first, then firewall around it.
AI-native security is “embedded”—AI security capabilities built into system design from the start.
How specifically?
Real-time threat sensing: AI monitors system behavior, detects anomalies (like an account suddenly downloading massive files)
Adaptive defense: When attack detected, AI auto-adjusts protection (blocking suspicious IPs, isolating infected devices)
Predictive protection: AI learns historical attack patterns, predicts next moves, deploys defenses in advance
Sounds great, but implementation is tough.
Three Challenges
False positives: AI might flag normal behavior as attacks (employee working late suddenly accessing servers extensively—AI thinks it’s anomalous)
Privacy: AI monitoring means collecting massive data—will employees accept it?
Arms race escalation: Attackers use AI too—they’ll study defense AI’s weaknesses and bypass it
No perfect solution. Enterprises balance “security” versus “efficiency.”
My Take
Ma Hongjun saying “most security products will fail” is somewhat exaggerated, but directionally right.
AI-driven attacks are indeed disrupting traditional security paradigms. Companies still thinking “buy a firewall and relax” will get burned eventually.
But AI security products aren’t panaceas either. AI can introduce new risks (AI systems themselves being attacked), or cause business disruption through false positives.
So AI-native security isn’t “AI replaces everything”—it’s “AI augments human decision-making.”
Where human judgment is needed, humans must still decide. AI is a tool, not a savior.
Hold on—take it slow. AI security is a long-term battlefield, not something solved overnight.