.png)
Security always comes second, and attackers know it. Harry Wetherald, co-founder and CEO of Maze, is building on the defense side: AI agents that plug into your cloud environment, investigate every vulnerability in it, help decide what needs fixing, and help developers fix it. In this conversation, we get specific about the AI-driven arms race with attackers, why guardrails can't cleanly separate good hacking from bad, and why a data warehouse is the foundation of a system that investigates millions of vulnerabilities affordably.
We discuss:
1. Attackers scale the same way you do. Once an exploit works once, attackers wrap tooling around it and run it again and again for a few tokens. AI doesn't just speed them up; it strings longer sequences of bad things together, so defenders need systems that can find anything, not just the vulnerabilities with a known CVE.
2. Freedom first, then firewalls. Maze started with agents that had almost unlimited degrees of freedom, watched what they got up to in real environments, then distilled the work into lots of small questions answered by numerous micro-agents. Trust comes from adding layers of permissions and hard boundaries, giving each agent the least access it needs once you know what that is.
3. The hard part isn't accuracy, it's accuracy at a price. Anyone can build a version that looks good, but ten runs on the same data give ten answers, quality drifts as the dataset grows, and investigating millions of vulnerabilities can cost millions in inference. The moat is the unglamorous loop of building, measuring where cost comes from, and rebuilding until the system is both more accurate and orders of magnitude cheaper.