← All posts

AI · May 19, 2026 · intSignal AI Team

AI in Cybersecurity: Separating Hype From Reality

The claim and the reality

Every security product now ships with "AI" on the box. Some of it is transformative, some of it is a rebranded regex, and most of it sits somewhere in between. For a technical buyer, the problem is not whether AI belongs in security — it clearly does — but knowing which claims to trust and which to discount. This post is a candid, practitioner's read on where machine learning genuinely moves the needle for defenders, where it is oversold, how attackers use the same tools against you, and why the human in the loop is not going away.

We build and run these pipelines for clients, so the framing here is operational rather than promotional. AI is a force multiplier for people who already know what good looks like. It is not a substitute for them.

Where AI genuinely helps defenders

The wins are real, but they are specific. AI earns its keep in four areas that share a common trait: high data volume, patterns that resist hand-written rules, and a tolerance for probabilistic answers a human then confirms.

  • Behavioral and anomaly detection. Signature-based tools catch known-bad; behavioral models catch different. Baselining normal activity for a user, host, or service account, then flagging deviations — an admin logging in from a new country at 3 a.m., a server suddenly beaconing outbound, lateral movement that no single rule describes — is a problem statistics handle better than static thresholds. This is the engine behind modern user and entity behavior analytics and much of what powers a real security operations center.
  • Alert triage and enrichment. The scarce resource in security is analyst attention. Models that cluster related alerts into a single incident, attach context (asset criticality, threat intelligence, prior history), and rank by probable severity turn a flat queue of 5,000 alerts into a prioritized handful. This does not decide anything — it decides what a human looks at first.
  • Phishing and language analysis. Large language models are genuinely good at reading the intent of a message: the urgency of a fake wire request, a look-alike domain, a tone that does not match the supposed sender. This catches business email compromise, where there is no malware to fingerprint at all.
  • Malware classification. Clustering never-before-seen samples by behavior and structure lets defenders recognize a new variant as a member of a known family in seconds, rather than waiting for a signature to be written and distributed.

The common thread: AI is excellent at narrowing the field — surfacing the 50 things worth investigating out of 50,000 — and weak at rendering a final verdict on any one of them.

Where it is oversold

Marketing outruns capability in a few predictable places, and knowing them keeps a budget honest.

  • "Fully autonomous" security. The pitch of a platform that detects, investigates, and remediates with no humans involved is, today, marketing. Fully automated response to a real intrusion means handing an algorithm the authority to isolate hosts, disable accounts, and block traffic on its own read of the situation. On irreversible actions, the false-positive cost is a self-inflicted outage.
  • "Zero false positives." No detection system escapes the base-rate problem. When malicious events are rare relative to benign ones, even a very accurate model produces false alarms in absolute numbers. A model tuned to miss nothing will bury analysts in noise; one tuned to stay quiet will miss real attacks. Every deployment lives on that curve, and the honest question is where you have chosen to sit, not whether you have escaped it.
  • "AI replaces your analysts." It changes what analysts do — less manual correlation, more judgment on the escalations that matter — but the demand for skilled people who can interpret an ambiguous signal has, if anything, gone up.
  • Prediction as fact. A model output is a probability, not a ruling. Treating a risk score as ground truth is how teams end up chasing confident nonsense.

A useful test for any vendor: ask what the tool does when it is wrong, how the model was trained and validated, and what the false-positive rate looked like in a customer environment resembling yours. Vague answers are the tell.

Attackers have the same tools

AI is not defense-only. The same capabilities that help your team are already in the adversary's kit, and pretending otherwise is a planning error.

  • Better phishing at scale. Generative models remove the classic tells — broken grammar, awkward phrasing — and let an attacker produce fluent, personalized lures in any language, tuned to a target's role and recent activity. The cost of a convincing campaign has collapsed.
  • Deepfake voice and video. Synthetic audio of an executive authorizing a wire, or a live video call with a fabricated face, has already been used in real frauds. "I heard my CFO say it" is no longer proof of anything.
  • Faster reconnaissance and tooling. Models accelerate the boring parts of an attack — parsing leaked data, drafting exploit code, summarizing a target's footprint — compressing the time from access to impact.

The practical response is not panic. It is process: out-of-band verification for financial and access requests, phishing-resistant authentication, and detection that assumes a convincing lure will eventually land. Technology raised the quality of the bait; controls that never trusted the bait in the first place still hold.

The human in the loop is the design, not the fallback

The most reliable pattern we deploy keeps AI and analysts in their respective lanes. Machines do what they are good at — ingesting everything, correlating at scale, scoring and ranking — and hand a curated, context-rich shortlist to people who supply judgment, especially before any irreversible action. Automate the reversible and routine (enriching an alert, opening a ticket, quarantining a single obviously malicious file); escalate the novel and the consequential.

This is exactly how a well-run managed detection and response service is built. AI collapses the noise so a 24/7 team can act on what matters, and a human confirms the verdict before an account is disabled or a segment is cut off. The machine learning and AI work we do for clients is aimed at that division of labor — sharpening the signal, never removing the analyst.

Living with false positives

Because false positives are a property of the math, not a bug to be eliminated, the discipline is managing them:

  1. Tune to the environment. A model calibrated on generic data will misfire on your specific normal. Continuous feedback — analysts marking verdicts — is what pulls accuracy up over time.
  2. Route by confidence. High-confidence, low-blast-radius events can trigger automated action; everything else routes to a human. Match the automation to the cost of being wrong.
  3. Measure honestly. Track precision and recall, not a single "accuracy" number that hides the tradeoff. Watch alert fatigue as its own metric; a drowning team misses real incidents.
  4. Keep the loop closed. Every confirmed false positive is training data. A pipeline that does not learn from its mistakes stops improving the day it ships.

The bottom line

AI in security is neither magic nor marketing vapor. It is a genuine step change in how fast defenders can sift enormous volumes of data — and a genuine upgrade to the attacker's toolkit at the same time. The organizations that get value from it treat it as an amplifier for skilled people and sound process, size their automation to the cost of an error, and stay skeptical of anything that promises to remove the human entirely.

If you want a straight answer on which AI-driven controls would actually reduce your risk — and which are noise — talk to intSignal. We will assess what you have, model where the real exposure is, and build detection that puts AI to work without handing it the keys.