This is an info Alert.
⌘K
  • Home
  • News
  • Blog
  • Releases
  • LLM history
  • Compare LLMs
  • Library
  • About
Sign in

A blog and notes on development. The easiest way to reach me is via the social links below.

Documents
Terms of UsePrivacy Policy
Contacts
talalaev.misha@gmail.com

© All rights reserved.

AI Agents in Information Security: 18 Audits, Millions of Logs, and a Real-World Comparison of AI vs. Manual Analysis

Sh0ny
Sh0ny
8 июля 2026
  1. Home
  2. Blog
  3. AI Agents in Information Security: 18 Audits, Millions of Logs, and a Real-World Comparison of AI vs. Manual Analysis
1 min read

In short

Ideco tested AI agents on real-world information security tasks: auditing firewall rules, analyzing IPS and DNS logs, and red teaming. We’ll examine where the agent saves hours of work and where it remains a source of risk.

A “championship” of its own is unfolding in cybersecurity—AI vs. AI. Attacking agents accelerate reconnaissance, generate exploits, and move within the network. Defensive agents read configurations, analyze logs, and help specialists make decisions faster.

The company Ideco conducted its first 18 audits using AI agents on real-world information security tasks. The authors’ main point: this is not about some magical “human-free” automation. Value is created when a specialist provides the agent with context, rules, access permissions, and verification criteria.

What an AI agent can do

  • Firewall rule audit — the agent analyzes configurations and helps identify redundant or dangerous rules.
  • Analysis of IPS and DNS logs — processing millions of records, searching for anomalies and patterns.
  • Red teaming — simulating attacks to test the resilience of security measures.

The authors emphasize that everything described here can be applied to any security solution with a standard machine interface. This is not about a specific product, but rather a new layer of automation that transforms the work of security professionals.

Where the Risk Lies

It is not the AI itself that needs to be restricted, but rather the agent’s data, permissions, and actions. Without expert validation and properly configured security measures, the agent remains a source of potential errors. Security is still ensured by control processes and human oversight.

From Chatbot to Autonomous Agent

The authors provide a brief timeline: from the simple chatbots of 2022 to autonomous agents capable of acting independently within the infrastructure. It is precisely now that technology has reached a level where agents have “taken off” in practical information security scenarios.

Source: All Articles / Machine Learning / Habr

новостибезопасностьaiагенты
Liked this write-up? Get one like it in your inbox every week
​

Comments

(0)
​