Every year, SANS Institute researchers present top threat methodologies at the RSAC Conference. The 2026 presentation in San Francisco marked a shift in the threat environment: artificial intelligence now underpins all five key areas.
"We would be lying to you if we pointed out a trend in attacks that did not involve AI," SANS president Ed Skoudis explained to the audience during a keynote session. "That is just where we are in the industry."
AI-generated zero-days and shifting costs
Historically, discovering zero-day vulnerabilities was a resource-intensive process limited to well-funded, state-sponsored groups. Joshua Wright, SANS Institute faculty fellow and senior technical director, notes that AI has fundamentally changed this cost structure. Independent researchers have recently identified zero-day vulnerabilities in widely deployed production software for as little as $116 in AI token costs. This represents a massive reduction from the millions of dollars previously required to find and validate these vulnerabilities.
"Attackers were already faster than us," Wright said. "AI has made the gap unbridgeable at our current pace."
To adapt, organizations must increase their defensive cadence. Wright advises implementing automated patching, refining validation frameworks, and adopting AI-supported defense tools to match the speed of incoming threats.
Supply chain risks and third-party exposure
Over the past year, two-thirds of organizations experienced a software supply chain security incident. Wright reported a measurable increase in third-party involvement in unauthorized access events, alongside a surge in malicious packages published to open-source registries.
For example, the Shai-Hulud worm infected over a thousand open-source packages and exposed 14,000 credentials across 487 organizations. In a separate event, a China-affiliated group maintained unauthorized access to the Notepad++ update infrastructure for six months, selectively distributing backdoors to targets in the energy, finance, government, and manufacturing sectors.
"Your attack surface is not the software you chose. It is the entire ecosystem of suppliers behind it," Wright said.
Organizations need to plan for supplier compromises before they occur. This means moving beyond standard software bills of materials to demand verifiable proof of how software is built. Security teams should also evaluate every update channel and developer tool as a potential third-party risk.
Operational technology (OT) complexity and logging gaps
Robert Lee, SANS Institute fellow and Dragos CEO, discussed a growing accountability crisis in operational technology environments. Following an OT incident, critical network activity logs and diagnostic evidence frequently evaporate or are entirely unavailable due to limited infrastructure visibility.
During a December 2025 incident involving Poland's distributed energy resources, investigators confirmed a disruption had occurred. However, a lack of OT monitoring meant they had no visibility into what the threat actor did inside the systems following the initial unauthorized access.
In another instance, a state-level actor targeted a facility that had no visibility into its own infrastructure. A month later, the facility exploded. Investigators still cannot definitively state whether the destruction was the result of a targeted security event or an industrial accident.
"Governments are not going to be comfortable not knowing what happened in their critical infrastructure and why someone died," Lee said. "That scenario is unacceptable, and it is already happening."
With agentic AI now operating in OT environments, Lee warned that organizations must prioritize network visibility immediately, rather than waiting for a critical failure to force the issue.
Artificial intelligence in digital forensics and incident response
Organizations deploying AI for digital forensics and incident response (DFIR) without strict training, validation frameworks, and investigative discipline introduce significant risk into their processes. Heather Barnhart, head of faculty and senior forensics expert at the SANS Institute, explained that AI currently lacks the ability to interpret evidence contextually the way a human analyst does.
When an AI tool renders a confident but incorrect verdict, it consumes valuable time and resources during an active response scenario.
"Most breaches don't fail because of tools," Barnhart said. "They fail at decision points. AI cannot be the decision point."
Barnhart also noted that threat actors are targeting unmonitored vectors like AI notetaking applications, expanding the organizational digital footprint well beyond traditional networks. To manage this, trained analysts must retain decision-making authority at every stage of an investigation.
Autonomous defense and accelerating response
Security researchers estimate that AI-driven operations move 47 times faster than manual approaches. A threat actor can now take a compromised credential and establish full administrative control in an AWS environment in less than 10 minutes.
A recent campaign documented by Anthropic, tracked as "GTG 1002" and attributed to a Chinese state-sponsored group, targeted over 30 government and financial entities. The group used AI to automate up to 90% of the operation, managing reconnaissance and lateral movement largely without human intervention.
"They have their artificial intelligence," Lee said. "Now we build ours."
To close the speed gap, Lee pointed to Protocol SIFT, an open-source initiative including the SANS Institute. The system uses AI and organize defensive workflows, surface data, and coordinate tools, while leaving validation and decision-making to human analysts.
"The goal is to accelerate analysts, not replace them, and early results suggest that the model can significantly compress response times," Lee said.
During a recent test involving a sophisticated two-week incident scenario, an analyst used Protocol SIFT to complete the entire investigation in under 15 minutes. The workflow included identifying the malicious software, mapping unauthorized movements, aligning tactics, techniques, and procedures (TTPs) to known frameworks, and determining the appropriate remediation steps. Coordinating across the global security community and empowering defenders with these accelerated tools provides the necessary edge against automated threats.