What happens when attackers can automate exploits?

Jul 7, 2026
Jul 7, 2026

Security always comes second, and attackers know it. Harry Wetherald, co-founder and CEO of Maze, is building on the defense side: AI agents that plug into your cloud environment, investigate every vulnerability in it, help decide what needs fixing, and help developers fix it. In this conversation, we get specific about the AI-driven arms race with attackers, why guardrails can't cleanly separate good hacking from bad, and why a data warehouse is the foundation of a system that investigates millions of vulnerabilities affordably.

We discuss:

  • How attackers move from weeks of human effort to the click of a button, and why AI strings longer chains of bad things together
  • Why the attacker tool stack forks the same open-source pen-testing frameworks that underpin commercial AI security tools
  • Why the line between "good" and "bad" hacking is too blurry for labs to enforce, and why model proliferation gives attackers options anyway
  • Why security always comes second, and what it means when a sales rep or CS person ships code to your production repo
  • In the alpha zone, how Maze went from one all-powerful agent to hundreds of thousands of tightly scoped micro-agents
  • How verbose agent traces let Maze pin a bad outcome back to a missing tool rather than bad reasoning
  • Why building this yourself runs into nondeterminism, accuracy drift, and million-dollar inference bills
  • Why onboarding an agent looks like onboarding a human: give it API access and permissions, then set hard boundaries

Three takeaways from this conversation:

1. Attackers scale the same way you do. Once an exploit works once, attackers wrap tooling around it and run it again and again for a few tokens. AI doesn't just speed them up; it strings longer sequences of bad things together, so defenders need systems that can find anything, not just the vulnerabilities with a known CVE.

2. Freedom first, then firewalls. Maze started with agents that had almost unlimited degrees of freedom, watched what they got up to in real environments, then distilled the work into lots of small questions answered by numerous micro-agents. Trust comes from adding layers of permissions and hard boundaries, giving each agent the least access it needs once you know what that is.

3. The hard part isn't accuracy, it's accuracy at a price. Anyone can build a version that looks good, but ten runs on the same data give ten answers, quality drifts as the dataset grows, and investigating millions of vulnerabilities can cost millions in inference. The moat is the unglamorous loop of building, measuring where cost comes from, and rebuilding until the system is both more accurate and orders of magnitude cheaper.

Get the latest in AI & data, straight to your inbox.

Thanks for subscribing!
Oops! Something went wrong while submitting the form.