Detecting Offensive Cyber Agents: A Detection-in-Depth Approach
This report was coauthored by Jam Kraprayoon, Robin Staes-Polet, Oskar Galeev, Jan Wehner, Christopher Covino, Shaun Ee.
Artificial Intelligence (AI) agents can now orchestrate cyberattacks. This development is already increasing the speed and scale of cyberattacks, decreasing attack costs, and improving the operational autonomy of cyber capabilities. To defend against these emerging threats, actors must first develop the capability to detect them. Detecting Offensive Cyber Agents aims to kick-start that process.
This report’s first goal is to frame the offensive cyber agent detection challenge by:
Outlining the coming detection gap between offensive cyber agents and traditional cyber capabilities. We expect agentic attacks to be far more challenging for defenders to detect.
Introducing detection-in-depth, a strategic framework to guide policymakers and defenders responding to this detection gap. This framework identifies improving detection as a means to sharply reduce attacker success, and calls for layers of novel, complementary detection mechanisms to achieve that success.
The report’s second goal is to present actionable detection mechanisms to support policymakers, industry, and defenders when putting this strategic framework into practice. These include:
Agent Identifiers for Critical Infrastructure: persistent, cryptographically verifiable credentials attached to agent traffic that generate detection-relevant telemetry when interacting with critical infrastructure operators.
Agent Honeypots: decoy systems designed specifically to attract autonomous attackers and extract threat intelligence about how malicious agents operate in real-world conditions.
AI-Automated Alert Analysis and Triage: systems that use AI to filter, prioritize, and interpret the growing volume of detection signals expected from autonomous cyber operations.
An Agentic Security Alert Standard: a reporting standard model that providers can use to communicate agentic threats, improving the speed, consistency, and actionability of reports.
An Agentic Cybersecurity Exchange (ACE): an institution modeled on the Global Signal Exchange that brings together model and cloud providers to detect offensive cyber agent threats at their point of origin and coordinate ecosystem-wide agentic threat disruption.