Ever since generative AI exploded into mainstream use, it has become both a critical business enabler … and one of the greatest security threats. Eighty-four percent of midmarket organizations are now using generative AI within core business processes to improve productivity and accelerate innovation in a wide range of areas, from customer service to software development. But as accessible as it is to businesses, it’s also becoming the No. 1 tool in the cybercriminal’s arsenal.
“Adversaries are using AI and machine learning to launch and scale increasingly sophisticated attacks,” said Jorge Maestre, Senior Manager, Network Security GTM at Palo Alto Networks. “It used to take a fair bit of work to create a new type of malware, but with AI and ML automation, it’s now possible to create millions of new variants of a particular malware signature. These tools, along with malware-as-a-service, are now widely available, which greatly upgrades their effectiveness in evading typical sensors.”
In short, AI has significantly lowered the barrier to entry for cybercrime. Attackers can launch attacks at scale and create malware variants faster than ever without much manual effort — even if they’re not particularly technically minded. We’re now very much in the middle of an arms race in which organizations have to use AI to fight AI.
AI as a force multiplier in network security
At the network level, the basics haven’t changed much. You still need to continuously inspect traffic, understand what ‘normal’ looks like for your users and applications, and automatically block anything that deviates from those patterns. What has changed is the volume and complexity of that traffic, especially considering the sheer scale of AI adoption and its unique impact on business data. For midmarket teams managing hybrid environments with a limited headcount, that level of inspection and policy enforcement makes a manual approach thoroughly impractical.
A next-generation firewall (NGFW) combines inline intrusion prevention with AI-powered analysis to stop threats on the wire, rather than just raising an alert. “When you have a network firewall with AI built in, it can look for and respond to these new threats, especially those considered zero-day,” said Maestre. “Most attacks today are zero-day, so you really have to use AI to be able to identify them at scale. You’re not going to find those threats on a list anywhere.” In other words, security teams need AI to fight the next wave of AI-powered attacks, simply because only AI can keep pace.
Another key differentiator of an AI-augmented NGFW is its ability to adapt continuously to ever-changing threat variables. Behind the scenes, these cloud-delivered protections constantly retrain on fresh threat data and automatically generated malware variants. This allows the service to recognize new patterns and evasion techniques that traditional, signature-based approaches tend to miss, as well as block previously unseen command-and-control traffic and exploit attempts in real time — without impacting the end user.
Earlier network firewalls relied on static hashes — fixed indicators of known threats — but this approach is inadequate for countering the practically limitless scale and variation of AI-powered attacks. Modern advanced threat prevention, however, analyzes the full payload and behavior of files and traffic at both the application and network layers. This makes it adept at blocking new malware variants, zero-day exploits, and suspicious outbound connections, even when the specific sample has never been seen before. Through continuous training and learning, it then generates new protections to stop future lookalikes.
AI is also increasingly integrated into network security management, making life easier for smaller security teams. “When you can interact with your unified security management solution like you would ChatGPT, with a copilot you speak to in natural language, you don’t even need to know how to use the tool before using it,” said Maestre. “That way, it can be proactive and give you guidance if, for example, you write a security policy incorrectly. This makes management much easier and more accessible to businesses that don’t have huge armies of security professionals at their disposal.”
By stopping more threats at the firewall and helping lean security teams maintain tight and up-to-date security policies, AI-powered network security shrinks the window of opportunity attackers can exploit — while reducing alert noise. It moves security out of the way, fostering a seamless user experience that builds employee trust and accelerates overall business productivity.