How fast can AI generate a zero-day? What security teams need to know

By Scout Scholes

April 23, 2026  •  6 minute read




This blog is based on a SmartBrief interview of Expel CSO Greg Notch at RSAC 2026. You can read the original article, published on 4/7/26 by Susan Rush, here.


TL;DR

  • AI can now generate a functional zero-day exploit in minutes for tiny amounts of compute cost, putting NSA-level attack capability in anyone’s hands.
  • Agentic AI raises the stakes further—autonomous systems can move laterally, harvest credentials, and escalate attacks faster than human analysts can respond.
  • Security teams need to match attack speed with defensive speed. Autonomous detection, detection engineering investment, and tighter identity and data governance are where to start.


Artificial intelligence can now generate a functional zero-day exploit in minutes for a negligible cost. This means every threat actor—regardless of sophistication—now has access to attack capabilities that were previously the exclusive domain of nation-state operators, and your detection and response program must evolve to match that speed.

This isn’t a thought experiment. It’s where we are in 2026, and it was the central theme running through conversations at RSAC this year. Expel CSO Greg Notch put it plainly: Anyone who wants to can now be operating at the level of a sophisticated nation-state attacker. The question isn’t whether your organization will face AI-accelerated attacks. It’s whether your defenses can keep up when they arrive.


What is an AI-generated zero-day and why does it matter?

A zero-day exploit targets a previously unknown vulnerability—one the software vendor hasn’t had a chance to patch. Historically, developing a reliable zero-day required deep technical expertise, significant time investment, and resources that limited their use to well-funded threat actors. That constraint is gone.

Modern AI models can analyze codebases, identify exploitable patterns, and generate working proof-of-concept exploits at a speed and cost that would have seemed implausible three years ago. What once took a skilled researcher days or weeks now takes minutes. What once cost significant money now costs less than a cup of coffee.

The downstream effect isn’t just that attacks get faster—it’s that the barrier to entry collapses entirely. Beginners and low-sophistication threat actors now have access to the same offensive toolkit as advanced persistent threat groups. Volume goes up, quality of attack goes up, and the window between vulnerability disclosure and active exploitation shrinks to near-zero.

There’s a compounding problem that doesn’t get enough attention: patch diffing. When a vendor ships a fix, attackers can compare the patched and unpatched versions of the code to pinpoint exactly what changed—and work backward to build an exploit before most organizations have deployed the update. AI makes this dramatically faster. The patch itself becomes a roadmap. As Rich Mogull and the CSA CISO community argue in their recent briefing on AI-driven vulnerability discovery, time to exploitation is now down to hours—meaning the patch window defenders have long relied on is effectively gone.


How are threat actors using AI to accelerate attacks in 2026?

Zero-day generation is the headline, but it’s one capability in a broader shift. Here’s where AI is actively changing the attack surface:

  1. Zero-day generation. As covered above, bad actors now have access to functional exploits in minutes, at scale, for negligible cost. The economics of offensive security have inverted.
  2. Spear phishing at scale. AI eliminates the manual effort that previously capped phishing volume and quality. Threat actors can now generate highly personalized, contextually accurate spear-phishing lures at an industrial scale, simply by using publicly available data from LinkedIn, company websites, and prior breach datasets to tailor each message. The obvious grammatical errors that once flagged phishing emails are increasingly absent.
  3. Identity credential harvesting. AI-powered tools can automate credential stuffing, synthesize stolen data across breach dumps, and correlate identity fragments to reconstruct usable account credentials. Non-human identities—service accounts, API keys, OAuth tokens—are a particular blind spot that threat actors are actively exploiting. 
  4. Agentic AI lateral movement. This is the emerging frontier. Autonomous AI agents can be weaponized to move through an environment without continuous human instruction—identifying high-value targets, escalating privileges, and exfiltrating data in a sequence that can outpace traditional detection logic. The attack doesn’t wait for an operator to issue the next command.


What is agentic AI and why is it a new security challenge?

Agentic AI refers to AI systems designed to take guidance and reasonably develop sequences of actions autonomously toward a goal, without requiring human input at each step. Unlike a chatbot that responds to prompts, an agentic system plans, executes, and adapts based on what it encounters in the environment.

For defenders, agentic AI is genuinely exciting. It’s the foundation for autonomous detection and response capabilities that can operate at machine speed. For attackers, it’s equally powerful. A weaponized agentic system doesn’t need a human handler to move laterally through a network, identify sensitive data stores, or trigger exfiltration. It just runs.

This is what makes 2026 different from every prior “AI in security” conversation. The threat isn’t AI-assisted humans doing bad things faster; it’s autonomous systems operating independently at a pace and scale that human defenders can’t match without their own autonomous counterparts. As Notch noted at RSAC, “This isn’t blockchain. This is something else.”


How should security teams respond to AI-speed attacks?

The answer isn’t to panic-buy tools. It’s to make deliberate investments in the capabilities that let you defend at the speed of the threat. Here’s the short list:

  1. Shift to autonomous detection. Manual triage and human-in-the-loop workflows were designed for a threat environment that no longer exists. Detection logic needs to execute automatically, at machine speed, against the behaviors that matter, not the indicators of compromise that were relevant last quarter.
  2. Invest in detection engineering. Getting the most from autonomous detection means building and maintaining detection content tuned to your environment. Generic out-of-the-box rules won’t catch novel AI-generated attack patterns. Detection engineering—the practice of building, testing, and iterating detection logic—is now a core security function, not a nice-to-have.
  3. Evaluate managed SIEM. Your SIEM is only as useful as the detection content running in it and the team managing it. In a world of novel exploitation, you need to find both “known unknowns” and “unknown unknowns” in your environment—and SIEM is back on the menu as the place to do that. As AI-speed threats raise the bar for what good detection looks like, teams without dedicated detection engineering capacity are falling behind. Managed SIEM closes that gap without requiring you to staff and retain a full detection engineering team in-house.
  4. Prioritize identity and data governance. Identity is becoming even more critical as AI and agents are deployed: non-human identities are the fastest-growing attack surface. Knowing what identities exist in your environment, what they have access to, and whether that access is behaving normally is foundational—and it was a gap before AI made it urgent. Agentic AI attacks will exploit identity weaknesses before they exploit anything else.
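To make the “behaviors, not last quarter’s IoCs” and non-human identity points above concrete, here is an added example of the kind of sequence-based detection logic a detection engineer would write for the agentic lateral-movement chain described earlier (login from an unfamiliar host, privilege escalation, bulk data read, all within minutes). It is illustrative code written for this post, not Expel’s detection content; the identity baseline, the event format, the ten-minute window and every event are constructed.

```python
from datetime import datetime, timedelta

# Constructed baseline: hosts each non-human identity is known to run from.
KNOWN_HOSTS = {"svc-backup": {"bkp-01"}, "svc-ci": {"ci-runner-03"}}
# The chain only matters if it completes this fast (constructed threshold).
WINDOW = timedelta(minutes=10)
CHAIN = ["login", "role_assume", "bulk_read"]

# Constructed events: (timestamp, identity, action, source host).
EVENTS = [
    ("2026-04-20T02:00:05", "svc-backup", "login", "bkp-01"),
    ("2026-04-20T02:01:10", "svc-ci", "login", "wkstn-17"),
    ("2026-04-20T02:01:40", "svc-ci", "role_assume", "wkstn-17"),
    ("2026-04-20T02:03:02", "svc-ci", "bulk_read", "wkstn-17"),
    ("2026-04-20T09:00:00", "svc-backup", "bulk_read", "bkp-01"),
]


def parse(event):
    ts, identity, action, host = event
    return datetime.fromisoformat(ts), identity, action, host


def detect_chains(events, known_hosts=KNOWN_HOSTS, window=WINDOW):
    """Alert when a non-human identity logs in from a host outside its
    baseline and then assumes a role and bulk-reads data within `window`."""
    pending = {}  # identity -> [next CHAIN index, chain start, start host]
    alerts = []
    for ts, identity, action, host in sorted(map(parse, events)):
        if action == CHAIN[0]:
            if host in known_hosts.get(identity, set()):
                pending.pop(identity, None)  # expected host: no chain
            else:
                pending[identity] = [1, ts, host]  # anomalous start
            continue
        if identity not in pending:
            continue
        idx, start, start_host = pending[identity]
        if ts - start > window:
            pending.pop(identity)  # too slow to be the machine-speed chain
        elif action == CHAIN[idx] and host == start_host:
            if idx + 1 == len(CHAIN):
                pending.pop(identity)
                alerts.append({"identity": identity, "host": host,
                               "seconds": int((ts - start).total_seconds())})
            else:
                pending[identity][0] = idx + 1
    return alerts
```

The rule keys on the identity baseline and the speed of the sequence rather than on any hash or address, so a novel tool running the same chain still trips it.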


What is the difference between MDR and managed SIEM for AI threat detection?

This is a question more security leaders are asking as AI threats raise the bar for detection capability, and the honest answer is they solve different parts of the problem.

Managed detection and response (MDR) provides outsourced 24×7 monitoring, investigation, and response across your environment. A good MDR provider brings detection expertise, threat intelligence, and response capability—meeting you where you are and handling the work your team doesn’t have bandwidth to do. For most organizations, MDR is the foundation.

Managed SIEM is for teams that want more control over detection engineering in their own environment, and need help managing the complexity of the SIEM infrastructure itself. SIEMs are powerful and notoriously difficult to operate well. Managed SIEM delivers forward-deployed detection engineering via a team that builds and tunes detection content in your SIEM, aligned to your specific environment and risk profile, without requiring you to own all of that expertise in-house.

The two aren’t mutually exclusive. There’s a real segment of the market that wants the coverage of an MDR provider and the detection engineering depth that managed SIEM provides, particularly as AI-speed threats demand increasingly sophisticated, environment-specific detection logic.


How does Expel Managed SIEM help teams detect AI-speed threats?

The core problem with most SIEM deployments isn’t the technology—it’s the ongoing work required to make it useful. Detection content goes stale. Tuning backlogs grow. The team that implemented the SIEM three years ago has turned over. The result is a powerful piece of infrastructure running on detections that no longer reflect the current threat landscape.

Expel Managed SIEM is designed to address exactly that. The service provides forward-deployed detection engineering—meaning Expel’s team works inside your SIEM environment, building and maintaining detection content tuned to what’s actually happening in your organization, not generic coverage that looks good on a dashboard.

For teams facing AI-speed threats, that matters. Novel attack patterns generated by AI tools don’t map cleanly to legacy detection rules. Staying ahead of them requires continuous detection engineering—the kind of ongoing investment that most in-house teams don’t have capacity to sustain. Managed SIEM makes that capacity available without a full internal detection engineering hire.