VentureBeat

Weaponized AI can dismantle patches in 72 hours — but Ivanti's kernel defense can help

Cybercriminals and nation-state actors are weaponizing AI to exploit system vulnerabilities within three days, a rapid pace that outstrips traditional manual patching methods. Vendors are now redesigning security infrastructure from the kernel upwards to combat this threat. Ivanti's new Connect Secure version 25.X, built on hardened Oracle Linux with SELinux, demonstrates this shift towards advanced kernel-level security. Researchers have proven the reality of these exploit risks, showcasing authentication bypasses in major security products. Compromising the kernel grants attackers total control of a device and subsequently an entire network, bypassing all other security layers. Ivanti's approach includes measures like Secure Boot, disk encryption, and a modern secure web server to deter threats. Beyond kernel security, emerging technologies like eBPF offer enhanced visibility and security without solely relying on kernel agents. Phased, automated patching through "ring deployment" is also crucial for addressing the speed crisis in vulnerability management. Organizations must prioritize automating patching, auditing kernel-level security, and layering defenses to reduce their attack surface. Transparency from vendors regarding security incidents is also becoming increasingly important. Ultimately, kernel-level transformation is essential for survival in an era of AI-driven cyberattacks.