CONCEPT Cited by 1 source
Asymmetric attacker-defender gap¶
Definition¶
The asymmetric attacker-defender gap is the structural inequality in security: an attacker only needs to find and exploit one opening, while defenders must find and close all of them. This asymmetry is amplified by frontier AI models that compress the discovery–exploit–PoC timeline.
Why frontier models widen the gap¶
- Speed of discovery: models can search large bodies of public code (especially open-source libraries) and generate PoC variants faster than maintainers can review every downstream use.
- Exploit volume and adaptation: models produce thousands of variations and can probe WAF rules iteratively, learning what gets blocked and rewriting until something slips through.
- Defender overhead remains: writing a fix, regression-testing, and shipping without breaking adjacent code has constraints AI doesn't remove.
Architectural response¶
The response is not to try to out-race the attacker on every vulnerability but to layer independent defences so that any single exploited vulnerability has bounded blast radius. This is the core argument behind concepts/architecture-over-patching.
(Source: sources/2026-06-09-cloudflare-defend-against-frontier-cyber-models)
Seen in¶
- sources/2026-06-09-cloudflare-defend-against-frontier-cyber-models — "An attacker only needs one opening to get in, while security teams need to find and close them all."