The word "convergence" underrepresents what is actually happening between AI capabilities and cybersecurity. Convergence implies two separate streams meeting. What we are observing is a restructuring: the offensive and defensive security problem spaces are being reconstituted around AI capabilities as a fundamental variable in both directions simultaneously, changing the nature of the work and the architecture of the systems required to do it. From an offensive perspective, AI capabilities have lowered the skill threshold for a range of attack categories that previously required significant human expertise: spear-phishing content generation at a scale and personalisation depth previously constrained by attacker time budgets, vulnerability research assistance that accelerates the path from disclosed CVE to working exploit code, and deepfake-based social engineering that can now target voice and video channels with quality previously associated with nation-state actors. From a defensive perspective, AI capabilities enable detection approaches that were theoretically possible but practically intractable at the log volumes and behavioural complexity of modern enterprise environments.
The restructuring I find most technically significant on the offensive side is not the most visible one. Automated phishing content personalisation is real and concerning, but sophisticated security awareness programmes can adapt to it — the human element remains the target, and that problem has defences. The more structurally important change is in automated vulnerability discovery and exploit development. Language models trained on large code corpora can assist in the identification of classes of vulnerability — buffer overflows, use-after-free conditions, format string issues — in unfamiliar codebases at speeds that compress the research timeline for a skilled analyst. More concerning, AI-assisted fuzzing and symbolic execution can identify input conditions that trigger undefined behaviour in programs without requiring deep domain expertise from the operator. The practical effect is to increase the pool of actors who can find and exploit novel vulnerabilities in production software, which directly affects the exposure calculus for unpatched systems and shifts how long organisations can expect to have between vulnerability disclosure and active exploitation in the wild.
On the defensive side, the restructuring that matters most is in detection coverage breadth. The fundamental constraint of human-written detection rules is expert time: a rule that detects a specific attack technique requires someone who knows that technique exists, understands how it manifests in telemetry, can express it as detection logic, and can tune it to the specific environment. The number of attack techniques documented in MITRE ATT&CK alone — several hundred techniques and sub-techniques — exceeds the number for which any SOC team can maintain comprehensive rule coverage. Behavioural machine learning models that learn normal patterns from enterprise telemetry and surface deviations, without requiring explicit technique-level rules for every attack class, offer coverage breadth that the human-written rule model cannot achieve. The tradeoff — model interpretability, false positive management, adversarial robustness — is real, and the companies that are navigating it most effectively are those that treat the ML detection layer and the rule-based detection layer as complementary rather than competing, using models for broad coverage and rules for high-confidence detection of high-priority TTPs.
We should be precise about a risk that the security AI narrative often glosses over: adversarial machine learning as an attack vector against security systems themselves. A detection model trained on historical normal behaviour can be manipulated by an attacker who understands the model's decision boundary and adjusts their behaviour to stay within what the model classifies as normal. This is not a theoretical concern — evasion techniques against network anomaly detection and endpoint behaviour models are an active research and operational area. The implication is that detection models deployed in security contexts need not just good baseline performance but adversarial robustness testing: regular evaluation against techniques specifically designed to evade the model, with model updates when evasion patterns are discovered. The security AI companies that will build durable products are those that treat adversarial robustness as a first-class engineering discipline rather than an afterthought.
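The complementary layering and the robustness evaluation described in the two paragraphs above can be shown in a small sketch. This is an added example, not code from any vendor named on this page; the workload types, API call names, rule and threshold are all constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed control-plane history: (workload_type, api_call). Names are illustrative.
HISTORY = (
    [("web-frontend", "storage.get_object")] * 80
    + [("web-frontend", "queue.send_message")] * 20
    + [("ci-runner", "registry.push_image")] * 60
    + [("ci-runner", "compute.start_instance")] * 30
    + [("ci-runner", "audit_log.disable")] * 10  # bad habit baked into "normal"
)
# High-confidence rule for a high-priority behaviour, independent of the baseline.
RULES = {"audit_log.disable": "audit logging disabled"}

def build_baseline(history):
    """Count API calls per workload type."""
    baseline = defaultdict(Counter)
    for workload, call in history:
        baseline[workload][call] += 1
    return baseline

def surprisal(baseline, workload, call):
    """-log2 of the add-one smoothed probability of `call` for `workload`."""
    counts = baseline.get(workload, Counter())
    total = sum(counts.values())
    vocab = len(counts) + 1  # one extra slot for calls never seen before
    return -math.log2((counts[call] + 1) / (total + vocab))

def detect(baseline, workload, call, rules=RULES, threshold=5.0):
    """Return which layers flag the event: 'model', 'rule', both, or neither."""
    hits = set()
    if surprisal(baseline, workload, call) > threshold:
        hits.add("model")
    if call in rules:
        hits.add("rule")
    return hits

def coverage_gaps(baseline, cases, rules=RULES):
    """Must-detect cases that no layer flags; rerun after every retrain."""
    return [c for c in cases if not detect(baseline, *c, rules=rules)]

BASELINE = build_baseline(HISTORY)
# Regression set of behaviours that must always be flagged (constructed).
REGRESSION = [("ci-runner", "audit_log.disable"), ("web-frontend", "iam.create_access_key")]

if __name__ == "__main__":
    for case in REGRESSION:
        print(case, sorted(detect(BASELINE, *case)))
    print("gaps with model only:", coverage_gaps(BASELINE, REGRESSION, rules={}))
```

With the rule layer removed, the regression set reports `("ci-runner", "audit_log.disable")` as a gap, because that call sits inside the learned baseline and only the rule catches it.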
From an investment perspective, the AI-security convergence creates two distinct opportunity categories. The first is AI applied within existing security workflows — better detection, faster triage, more efficient analyst investigation, automated response playbook generation. These are improvements to the existing architecture of security operations. The second category is more interesting: AI capabilities that enable entirely new security approaches that were not possible before. Orbit Security's cloud workload anomaly detection at the control plane layer represents this second category — a detection capability that is predicated on having a model that can represent normal API call patterns for hundreds of different workload types simultaneously, which is not a task that scales with human-written detection rules. The companies in this second category are the ones we are most actively seeking for Fund III deployment.