惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hacker News: Ask HN
Hacker News: Ask HN
WordPress大学
WordPress大学
H
Help Net Security
小众软件
小众软件
N
Netflix TechBlog - Medium
C
Check Point Blog
量子位
Last Week in AI
Last Week in AI
GbyAI
GbyAI
Martin Fowler
Martin Fowler
M
MIT News - Artificial intelligence
博客园 - 聂微东
Engineering at Meta
Engineering at Meta
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
J
Java Code Geeks
D
DataBreaches.Net
Project Zero
Project Zero
P
Proofpoint News Feed
T
Threat Research - Cisco Blogs
Security Latest
Security Latest
Cisco Talos Blog
Cisco Talos Blog
Recorded Future
Recorded Future
I
Intezer
L
Lohrmann on Cybersecurity
Cyberwarzone
Cyberwarzone
博客园_首页
C
Cyber Attacks, Cyber Crime and Cyber Security
L
LangChain Blog
P
Palo Alto Networks Blog
V
V2EX
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
The Exploit Database - CXSecurity.com
The Hacker News
The Hacker News
Blog — PlanetScale
Blog — PlanetScale
G
GRAHAM CLULEY
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
The Register - Security
The Register - Security
L
LINUX DO - 热门话题
P
Privacy & Cybersecurity Law Blog
Scott Helme
Scott Helme
F
Full Disclosure
博客园 - 司徒正美
Recent Announcements
Recent Announcements
IT之家
IT之家
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Attack and Defense Labs
Attack and Defense Labs
Cloudbric
Cloudbric
Help Net Security
Help Net Security
The Last Watchdog
The Last Watchdog

SiliconANGLE

Will agentic AI governance run amok? The lesson of Asimov’s Three Laws - SiliconANGLE AI + quantum, Amazon vs. Starlink and the wide-open US-China internet battle - SiliconANGLE Team Cymru launches Total Insights Feed to replace legacy threat intelligence lists - SiliconANGLE AI Mode in Chrome adds split-screen view to enhance the web search experience - SiliconANGLE Resolve AI raises $40M at $1.5B valuation to optimize production environments - SiliconANGLE How Zscaler and OpenAI turn zero-trust security into an AI accelerator - SiliconANGLE OpenAI ratchets up Codex's agentic capabilities to rival Claude Code - SiliconANGLE Anthropic launches Claude Opus 4.7 with coding, visual reasoning improvements - SiliconANGLE Slash raises $100M at a $1.4B valuation to expand AI-powered banking platform for online businesses - SiliconANGLE Canva unveils Canva AI 2.0, recasting its platform as an agentic system for work - SiliconANGLE Data center, consumer device chips boost TSMC’s revenue - SiliconANGLE Mission-critical security cannot be bolted on, says Oracle - SiliconANGLE Agentic infrastructure reshapes enterprise AI - SiliconANGLE Data quality, and data freedom, foundational for AI success - SiliconANGLE Data trust is a bedrock in successful, scalable AI outcomes - SiliconANGLE Google introduces new agentic AI-ready tools and resources for Android developers  - SiliconANGLE Agentic AI orchestration separates winners from laggards - SiliconANGLE Data-driven tools turning the tide against human trafficking - SiliconANGLE Achieving trusted AI development goes beyond 'vibes' - SiliconANGLE Impinj boosts edge computing power in updated R700 RAIN RFID reader - SiliconANGLE Certinia powers professional services with AI - SiliconANGLE Antioch prepares to accelerate simulated testing for autonomous robots after raising $8.5M - SiliconANGLE Developer tooling startup Expo nabs $45M investment - SiliconANGLE Solidroad lands $25M to bring AI to customer support interactions - SiliconANGLE DuploCloud lands compliance and AI governance certifications as enterprise buyers tighten scrutiny - SiliconANGLE Lua lands $5.8M to help businesses build and manage AI agent workforces - SiliconANGLE Best of frenemies: Oracle's and AWS' clouds unite with dedicated, private connectivity - SiliconANGLE NIST shifts National Vulnerability Database to risk-based triage as CVE submissions hit record levels - SiliconANGLE Cisco goes to the races with new Churchill Downs multiyear partnership - SiliconANGLE Susecon 2026 will tackle the future of open-source platforms - SiliconANGLE Seriously? Footwear brand Allbirds says it has just transformed into an AI business - SiliconANGLE Hilbert nabs $28M to ease analytics projects for consumer-focused companies - SiliconANGLE Qlik debuts new agentic capabilities, aiming to enhance AI trust and transparency - SiliconANGLE Google's Gemini 3.1 Flash TTS model offers unparalleled control over AI voices - SiliconANGLE Parasail raises $32M for its pay-per-token inference cloud - SiliconANGLE Distributed multicloud architectures reshape data - SiliconANGLE Scaling the AI factory through conversational analytics - SiliconANGLE AI-driven decision-making reshapes analytics - SiliconANGLE Artemis reels in $70M to make breach remediation more efficient with AI - SiliconANGLE Cloud infrastructure: Google Cloud growth drives market - SiliconANGLE Trusted data foundation is a gating factor for enterprise AI - SiliconANGLE Redefining database infrastructure with Oracle AI database - SiliconANGLE Oracle makes database key for agentic AI development - SiliconANGLE Oracle bets on AI database convergence for agentic AI - SiliconANGLE Quantum technologies drive EU strategy for hybrid computing - SiliconANGLE Hybrid quantum-HPC computing reshapes infrastructure - SiliconANGLE Quantum computing meets HPC in hybrid models - SiliconANGLE Quantum-HPC integration enters 'software moment' - SiliconANGLE DeepMind launches Gemini Robotics-ER 1.6 to meet precise physical AI demands  - SiliconANGLE GrowthLoop targets real-time, causal decisioning with AI-infused marketing platform - SiliconANGLE Stendr snags $5.4M in pre-seed funding to develop AI-native drone-tracking tech - SiliconANGLE Salesforce bets on conversation as the new interface for developers - SiliconANGLE Emergent launches Wingman: a personal AI agent for everyone  - SiliconANGLE Axonius targets remediation gap with AI, cyber-physical assets and data trust layer - SiliconANGLE Capsule Security launches with $7M to secure AI agents at runtime - SiliconANGLE Leapwork hands off code validation to AI agents to keep pace with automated software development - SiliconANGLE SolarWinds accelerates observability with SW1, an 'agentic AI teammate' that automates IT firefighting - SiliconANGLE AI satellite constellation startup Orbital gets funded by a16z to verify space-based data center concept - SiliconANGLE Helical raises $10M to bridge the gap between foundation models and drug discovery decisions - SiliconANGLE Sectigo launches Private PQC to enable post-quantum certificate testing in existing workflows - SiliconANGLE German startup Synera lands $40M to automate engineering workflows with AI agents - SiliconANGLE Leadership shifts redefine enterprise AI - SiliconANGLE OpenAI partners with Novo Nordisk to accelerate drug discovery and delivery - SiliconANGLE Amazon debuts high-speed satellite internet antenna for commercial aircraft - SiliconANGLE Japanese tech giants launch joint venture targeting physical AI for robots and machines - SiliconANGLE Electric pickup truck startup Slate Auto raises $650M in funding - SiliconANGLE Zoom Perspectives: Why 'agentic' work is the new enterprise standard - SiliconANGLE China has erased the US lead in AI, Stanford HAI's 2026 AI index reveals - SiliconANGLE Cloudflare expands Agent Cloud with new tools to build and scale AI agents - SiliconANGLE Commvault rolls out AI capabilities to secure agentic workflows and data - SiliconANGLE Digital employees are here: What now? - SiliconANGLE Report: Cisco could acquire AI agent security startup Astrix Security for $250M+ - SiliconANGLE CoreWeave inks multiyear cloud deal with Anthropic - SiliconANGLE Agentic AI will force a rethink at the network edge - SiliconANGLE AI training data startup AfterQuery nabs $30M investment - SiliconANGLE Quantum computing market picks up steam - SiliconANGLE Healthcare IT under siege: CloudWave is fighting back - SiliconANGLE Cloud rebalancing gives service providers a new edge - SiliconANGLE Anthropic tries to keep its new AI model away from cyberattackers as enterprises look to tame AI chaos - SiliconANGLE Nutanix expands agentic AI infrastructure for neoclouds - SiliconANGLE Meta says it will spend an additional $21B on CoreWeave's AI infrastructure - SiliconANGLE Florida AG opens probe into ChatGPT alleging connection to FSU shooting - SiliconANGLE Cisco buys Galileo to strengthen Splunk's agentic monitoring capabilities - SiliconANGLE RISC-V chip design startup SiFive nabs $400M investment - SiliconANGLE Anthropic and OpenAI target big businesses with enterprise-grade controls and lower pricing - SiliconANGLE Intel inks multiyear data center chip partnership with Google - SiliconANGLE Apiiro launches command-line interface to bring AI-native security into software development workflows - SiliconANGLE Yobi teams with Microsoft to deliver predictive consumer intelligence on Azure - SiliconANGLE Amazon CEO Andy Jassy highlights AI growth in annual shareholder letter - SiliconANGLE Is a backlash brewing? Rapid innovation in AI coding and agents may force push for enterprise order and control - SiliconANGLE AI-driven guest experience reshapes hospitality IT strategy - SiliconANGLE Tether launches open-source on-device AI framework for developers - SiliconANGLE Database lifecycle management top priority in enterprise AI - SiliconANGLE AWS previews a cloud-agnostic registry for managing agentic fleets at scale - SiliconANGLE Nutanix bets on agentic AI governance - SiliconANGLE AI infrastructure modernization drives storage rethink - SiliconANGLE Haast raises $12M to help legal teams make haste with compliant AI-generated content - SiliconANGLE Blaize launches AI Services platform to move enterprise AI from pilot to production - SiliconANGLE Wasabi to acquire Seagate's Lyve Cloud business - SiliconANGLE Refiant raises $5M to refine AI models with 'nature-inspired' energy efficiency - SiliconANGLE
AI exposes attacks traditional detection methods can't see - SiliconANGLE
Evan Powell · 2026-05-04 · via SiliconANGLE

AI exposes attacks traditional detection methods can’t see

Most discussions about artificial intelligence security are focused on what models might do wrong. The more urgent issue is what our detection systems still cannot see — and side-channel attacks are making that gap visible.

Side-channel attacks gather information or interferes with a program’s execution by targeting physical factors such as power consumption, electromagnetic emissions and processing time rather than targeting software code. They can exfiltrate sensitive information such as cryptographic keys by measuring coincidental hardware emissions.

Recent research has shown that an outside observer can infer the topic of an AI interaction simply by analyzing encrypted traffic patterns. No decryption required. No payload inspection. Just structure, timing and sequence. The signal exists, but it lives outside the content security tools that were designed to inspect.

This is not just a novel attack technique. It is evidence of a broader failure in the design of detection. We built security architectures to match indicators. Increasingly, the most important signals do not present as indicators at all.

Where rules fail

For the past two decades, detection has been defined by rules. Signatures, thresholds, known patterns and anomaly baselines have formed the backbone of security operations. The industry has gotten good at creating more rules, better rules and now AI systems that help write and tune them faster.

But none of that changes the underlying constraint. Rules require something discrete to match: a known artifact, a recognizable deviation or a boundary crossed.

Side-channel attacks don’t provide that. Neither do many modern intrusions. An attacker operating through encrypted channels, legitimate tools or AI-assisted workflows can move through an environment without ever triggering a condition that a rule can evaluate. The activity is valid at every individual step. The pattern becomes visible only when you look at how those steps connect over time.

That is the detection gap. It is not a matter of coverage but an architectural limitation. A whole class of attacker behavior produces no alert because it produces no matchable signal.

Gap is growing

The practical consequence of this gap is straightforward. There are scenarios in which attackers operate within an environment, and the security team receives no signal at all. Not a low-confidence alert. Nothing to investigate.

Side-channel attacks are one example of this. The data is present, but it sits in timing, sequencing and interaction patterns that traditional tools are not designed to interpret. The same is true for low-and-slow intrusions, living off the land techniques and AI-assisted attack chains that adapt as they move.

As organizations expand their use of AI, both in business operations and in attack tooling, the proportion of activity that falls into this gap increases.

At the same time, most security investments continue to focus on optimizing what is already covered: faster rule creation, better tuning and more efficient alert triage. These improvements matter, but they do not address the portion of the attack surface that produces no alert in the first place.

AI at the wrong layer

A significant amount of AI is being deployed across security operations today. Much of it is valuable in helping summarize alerts, accelerating investigations and reducing the operational burden on analysts.

But most of these systems are applied after a detection has already occurred. They improve response. They do not fundamentally change how detection works. This distinction matters.

If a class of attacker behavior doesn’t generate an alert, then no amount of automation, summarization or prioritization will surface it. Side-channel attacks reinforce this point. The signal exists, but it is not expressed in a way that rule-based systems or post-detection AI can process. The same dynamic applies to any attack that unfolds through legitimate actions, encrypted channels or gradual progression.

The industry is investing heavily in making detection workflows more efficient. It is investing far less in expanding what detection can actually observe.

Behavior, not just events

Closing this gap requires a different approach to detection, one that doesn’t depend on predefined indicators or human-authored rules.
The signals security teams need to detect these new attacks already exist. The sequence of actions, the relationships between systems and the timing and progression of behavior reveal intent in a way that individual events cannot.

Ironically, many of the same deep learning approaches that make for effective side-channel attacks can also be used to see traffic patterns that determine whether they contain attacks.

An attacker staging lateral movement through encrypted channels leaves a trace, not in the content of the traffic, but in how access patterns evolve. A side-channel leak doesn’t expose data directly, but it exposes structure. The same principle applies across modern attack techniques.

To read that signal, detection systems must operate on behavioral sequences rather than isolated events. They must evaluate whether the activity aligns with how systems are expected to function over time, not just whether a single action appears anomalous. This is a different category of problem than rule optimization. It requires models that can learn from structured operational data and identify patterns that were never explicitly defined in advance.

For security leaders evaluating AI investments, this is a useful distinction. Some systems make existing detection workflows more efficient. Others expand the detection surface itself by identifying behavior that rules cannot express. Both have value, but they solve fundamentally different problems.

Rethinking detection

For most organizations, the first step is not adding new tools; it is developing a more accurate understanding of what their current detection strategy actually covers.

That starts with an honest assessment of visibility. That’s not just whether a rule exists for a given technique, but whether the system can reliably detect it under realistic conditions. Early-stage reconnaissance, subtle lateral movement and activity that blends into normal operations are often where the largest gaps appear.

It also requires examining how detection is performed. If the entire stack is built around matching individual events or predefined indicators, then the limitation is structural. Improving rule quality will not resolve it.

When evaluating AI-driven security capabilities, the key question is straightforward: Does this system detect behavior that cannot be captured in a rule, or does it make rule-based detection more efficient? That distinction is critical for making informed investment decisions.

Closing the detection gap addresses more than response times. It changes when organizations become aware that something is wrong.

Earlier detection reduces dwell time, limits the scope of incidents and gives defenders the opportunity to act before attackers achieve their objectives. It also provides a more accurate picture of actual risk exposure. Many organizations operate with an inflated sense of visibility because their tools perform well within a constrained detection model.

Side-channel attacks are a useful signal in their own right. They demonstrate that meaningful information can exist outside the boundaries of what traditional systems are designed to inspect. More importantly, they highlight how much of that information is currently being ignored.
AI did not introduce this problem. It exposed it.

The organizations that adapt won’t be the ones that simply move faster within existing detection models but expand what detection can see in the first place.

Evan Powell is chief executive officer of DeepTempo, the business name of Skidaway Inc. He wrote this article for SiliconANGLE.

Image: SiliconANGLE/DALL-E 3

A message from John Furrier, co-founder of SiliconANGLE:

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.

  • 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
  • 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.

About SiliconANGLE Media

SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.