
The runtime reckoning: How the agentic evolution is reshaping security

AI is fundamentally reshaping the speed and scale of cyberattacks. Financially and geopolitically motivated threat actors are executing sophisticated attacks against Fortune 500 enterprises that frequently bypass perimeter defenses.

AI is compressing attack timelines

The organizations pulling ahead are those with runtime visibility into the applications that directly generate and impact revenue.

What AI is changing

In a report published in November 2025, Anthropic documented the first large-scale AI-orchestrated cyberattack campaign, in which AI autonomously performed 80–90% of attack operations with minimal human intervention. This signaled a turning point.

The threat actors causing the most damage today aren’t traditional nation-state actors or advanced persistent threats (APTs)—they’re financially motivated collectives like Scattered Spider. AI hasn’t invented fundamentally new attack techniques yet, but it has significantly increased attack volume and velocity—CrowdStrike observed an 89% increase in attacks by AI-powered adversaries in 2025 alone.[1] Techniques once reserved for state-sponsored groups are now accessible to cybercriminals through AI-assisted tooling.

The same automation accelerating attacks also allows for faster defense. But with an average time of only 29 minutes from initial access to lateral movement, defenders relying on periodic assessments are structurally disadvantaged. The capability that matters now is continuous exposure assessment—analyzing real-time signals across all cloud assets and acting before adversaries complete their objectives.

Two battlefronts: One adversary

Traditional attack vectors haven’t disappeared—supply chains, endpoints, physical security, and human-targeted attacks are increasing just as rapidly. But business-critical applications have become a focal point of attack operations because lower entry barriers make them accessible to more threat actors. The applications that process transactions, manage customer data, and orchestrate supply chains are precisely where runtime compromise has the greatest business impact.

Organizations must drive parallel initiatives: one focused on people, identity governance, and communications; another on runtime protection, continuous exposure management, and application-layer visibility. These require different tools and skills—but critically, connected processes and connected insights. Siloed security functions are precisely what sophisticated attackers exploit.

Why runtime is the new frontline

Initiatives like Anthropic’s Claude Code Security and OpenAI’s reasoning-based vulnerability detection are collapsing scanning stages and shortening developer feedback loops. This is real progress. But production remains the definitive validation point. AI-generated code and accelerated release cycles introduce risks that surface only at runtime—pipeline scanners offer helpful signals but lack the reliability and context of a unified runtime view.

In an agentic ecosystem, detection and response can’t be focused on the perimeter—they must be intrinsic to the application and infrastructure. Environment-aware malware and prompt injection against enterprise AI agents aren’t visible at the perimeter. They’re visible at runtime. The XZ Utils backdoor (CVE-2024-3094) demonstrated this perfectly: malicious code passed all static analysis, activating only when loaded by sshd on targeted Linux distributions in production.[7]

Autonomous workflows that lack visibility into security risk operate with an incomplete picture. Integrating security context into agentic decision-making—rather than treating it as a separate operational domain—will be essential as enterprises scale these capabilities.

– IDC Link, Dynatrace Perform 2026: From Observability to Supervised Autonomous Operations (Doc #lcUS54307526, February 2026)

Security that’s embedded, not bolted on

The convergence of observability and security isn’t theoretical—it’s operational. IDC analysis notes that organizations expect the next generation of security to be embedded in solutions rather than bolted on. Dynatrace application security capabilities—runtime vulnerability analytics and runtime application protection—operate within Grail alongside observability and business data, sharing the same contextual mapping and causal dependency graph.

Resilience as a competitive advantage

Fortune 500 organizations that embed security into procurement, prioritize supplier maturity assessments, and integrate threat intelligence into operations are positioned to protect both infrastructure and the applications that drive revenue. Forward-thinking organizations recognize the agentic evolution as an opportunity to align security investments with business outcomes and build operational resilience that allows confident growth.

In a world where adversaries move from initial access to lateral movement in 29 minutes or less and autonomous agents make decisions at machine speed, the organizations that thrive will be those with unified runtime visibility.

Clarifying the competitive narrative

There is a prevailing belief that frontier AI labs—Anthropic with Claude Code Security, OpenAI with Codex[5]—are making traditional security tools obsolete. This belief is partially correct, but it fundamentally misunderstands which tools are being displaced.

What frontier labs are changing

These capabilities collapse scanning stages in the IDE and CI/CD pipeline. They find vulnerabilities through reasoning rather than pattern matching, uncovering business-logic flaws that static analysis misses. This is genuine progress—and it is expected to reduce certain vulnerability classes over time. SQL injection, for example, may become less prevalent as LLM-generated code matures and shift-left tools are integrated throughout the agent development lifecycle.

What frontier labs don’t address

Frontier lab security tools operate before deployment. They don’t see how code behaves in production—outside of API integrations that push context to them. They can’t detect configuration drift, environment-aware malware that activates only at runtime, or prompt injection against live AI agents. Anthropic describes Claude Code Security as an evolution of static analysis: rather than matching known patterns, it “reads and reasons about your code the way a human security researcher would.”[4] Static analysis operates on code before it runs. These tools sit at completely different points in the security lifecycle from runtime protection.

What Dynatrace surfaces today

These capabilities deliver findings that frontier lab tools can’t—evidence of what is actually happening in production, not predictions based on code analysis.

Runtime Vulnerability Analytics

Identifies vulnerabilities in the context of actual execution—not theoretical exposure, but real risk based on how code runs in production.

Runtime Application Protection

Detects and blocks exploit attempts as they happen—the defensive layer that shift-left tools structurally can’t provide.

Security Posture Management

Surfaces misconfigurations and compliance gaps in live cloud infrastructure, including Kubernetes environments.

The evolving threat landscape

The Open Worldwide Application Security Project (OWASP) Top 10 for Agentic Applications (2026) report provides consensus-based guidance and introduces new categories—Agent Behavior Hijacking, Tool Misuse and Exploitation, and Identity and Privilege Abuse[6]—directly relevant for organizations deploying autonomous agents. For any organization running business-critical applications, runtime visibility remains the validation layer that confirms whether security controls actually work.

What this means in practice

Organizations using Dynatrace already have the core capabilities required for agentic security.

  • Security findings flow directly to development and SRE teams through workflows that include clear remediation guidance.
  • Natural-language queries on security findings are already available through Dynatrace Intelligence.
  • Dynatrace Intelligence allows agentic remediation: automation acts within goals and constraints defined by humans, and humans retain the flexibility to stay in the loop (see Agentic workflows in Dynatrace documentation).

What sets the Dynatrace approach apart is the combination of deterministic runtime findings with agentic workflows—enabling remediation that is reliable, repeatable, and grounded in real production evidence.


Article citations

  1. CrowdStrike 2026 Global Threat Report. Average eCrime breakout time (initial access to lateral movement) fell to 29 minutes in 2025, a 65% increase in speed from 2024. Fastest observed: 27 seconds. CrowdStrike also observed an 89% increase in attacks by AI-enabled adversaries compared with 2024. crowdstrike.com/en-us/blog/crowdstrike-2026-global-threat-report-findings
  2. Fortune, “Feds are hunting teenage hacking groups like ‘Scattered Spider’ who have targeted $1 trillion worth of the Fortune 500 since 2022,” January 2026.
  3. Anthropic, “Disrupting the first reported AI-orchestrated cyber espionage campaign,” published November 2025. Attack detected mid-September 2025. AI executed 80–90% of tactical operations independently.
  4. Anthropic, “Claude Code Security,” anthropic.com/news/claude-code-security, 2026.
  5. OpenAI, “Codex,” platform.openai.com/docs/codex.
  6. OWASP GenAI Security Project, “Top 10 for Agentic Applications 2026,” genai.owasp.org, December 2025.
  7. CVE-2024-3094 (XZ Utils). Backdoor activated only when loaded by sshd on targeted Linux distributions — bypassing all static analysis. Wired, April 2024.
  8. Dynatrace Intelligence: “supports in-context natural language for investigation and guided next steps.” docs.dynatrace.com/docs/platform/davis-ai