How Ami Luttwak Sees AI Reshaping the Cybersecurity Threat Landscape
Ami Luttwak, chief technologist at Wiz, brings an essential perspective to one of today’s most pressing questions: how is artificial intelligence transforming cyberattacks? His answer reveals something fundamental about security itself. “Cybersecurity is largely psychological,” he explains. Every technological shift creates new opportunities for attackers. As organizations rapidly integrate AI into their operations—through code generation tools, autonomous agents, and purpose-built applications—the potential attack surfaces multiply exponentially. This acceleration, while boosting developer productivity, often introduces careless implementations and overlooked details that create security gaps.
Wiz, acquired by Google in 2024 for $32 billion, recently completed experiments revealing a troubling pattern. Insecure authentication mechanisms consistently appear in AI-generated applications. The reason is straightforward: “It’s simply easier to build that way,” Luttwak notes. When developers prompt AI agents to write code without explicitly demanding the most secure approach, the tools comply with the path of least resistance. The fundamental challenge companies face today is balancing velocity with protection.
The Parallel Evolution: Both Defenders and Attackers Embracing AI
What makes the current moment particularly complex is that malicious actors have also discovered AI’s potential. Attackers now leverage prompt-driven techniques and their own AI agents to conduct operations. “You can actually observe attackers using prompts as part of their attacks,” Luttwak observed. These aren’t limited to code generation. Threat actors actively search for deployed AI tools and instruct them to reveal secrets, delete systems, or expose files. The dynamic has fundamentally shifted from attackers trying to hide from security tools to attackers actively commandeering those same tools.
This capability extends to the internal AI deployments companies use to boost productivity. These integrations open doors to what security professionals call “supply chain attacks.” When attackers breach a third-party service with deep access to a company’s infrastructure, they can move laterally into previously protected systems.
When Third-Party Tools Become Attack Vectors
The Drift compromise provided a concrete demonstration. The company, which supplies AI chatbots for enterprise sales and marketing functions, was breached in late 2024. Attackers obtained authentication tokens, used them to masquerade as the legitimate chatbot, accessed Salesforce instances belonging to hundreds of enterprise clients, and pivoted laterally within customer environments. Affected organizations included Cloudflare, Palo Alto Networks, and Google. Notably, Luttwak pointed out that “the malicious code was deployed by the attacker, and it too was created using AI-driven code generation.”
Another significant incident, termed “s1ingularity,” targeted Nx, a JavaScript development tool used by thousands of developers worldwide. In 2024, threat actors injected malware designed to identify AI assistant tools like Claude and Gemini running on developer machines. The malware then commandeered these AI tools to autonomously search for sensitive information—API keys, tokens, credentials—and exfiltrate them. The breach exposed thousands of developer credentials, granting attackers access to private GitHub repositories and deeper infrastructure.
Rethinking Security Architecture in an AI-Powered World
Luttwak emphasizes that despite comprising only about 1% of enterprises, organizations leveraging AI tools are already experiencing weekly attacks affecting thousands of clients. “If you analyze the attack sequence, AI played a role at every phase,” he observed. “This transformation is occurring faster than we’ve ever witnessed. The industry must accelerate its defensive capabilities in parallel.”
Wiz itself has evolved to address this landscape. Founded in 2020 with a focus on identifying misconfigurations and vulnerabilities in cloud environments, the company expanded significantly over the past 18 months. In September 2025, Wiz launched Wiz Code, designed to secure the software development lifecycle by catching security issues early through “secure by design” principles. In April 2025, Wiz Defend emerged, offering real-time threat detection and response for cloud environments. Luttwak stresses that delivering what he calls “horizontal security” requires understanding clients’ applications at a fundamental level.
Security Must Begin Before Code is Written
For early-stage companies, Luttwak offers clear guidance: startups shouldn’t automatically hand sensitive enterprise data to “every small SaaS vendor with a handful of staff, regardless of promises about AI insights.” Instead, he argues, security and compliance must be foundational priorities, not afterthoughts. “You need a CISO (chief information security officer) from the very beginning—even if your team is only five people,” he insisted.
The practical approach involves adopting enterprise-grade security mindsets before any code exists. This includes implementing audit trails, multi-factor authentication, production access controls, development protocols, accountability measures, and single sign-on capabilities. Wiz itself achieved SOC2 Type II compliance—a significant security standard—before writing substantial code. “It’s far easier to get SOC2 certification with five employees than with 500,” Luttwak revealed.
Architecture decisions carry equal weight. Companies targeting enterprise clients must design systems where customer data remains isolated within the customer’s own environment, not commingled with the vendor’s infrastructure.
The Opportunity Ahead
Luttwak sees the current era as one of genuine opportunity for cybersecurity innovation. Email security, phishing defense, malware protection, and endpoint security all face new attack patterns requiring new solutions. The same applies to “AI-driven security”—tools that use AI to defend against AI-powered threats. Many security teams are still learning how to deploy these capabilities effectively. According to Ami Luttwak, the field remains wide open, with novel attack vectors appearing across every security domain. “It’s time to rethink every aspect of our defenses,” he concluded.