According to Forbes, AI is accelerating cloud security evolution faster than containers, serverless apps, or multicloud infrastructure ever did. Traditional cloud-native application protection platforms designed for compliance and hygiene can’t handle AI-driven environments where models spin up new resources and modify code in seconds. Sweet Security just raised $75 million in Series B funding to address this gap by merging cloud and AI runtime visibility into a single control plane. CEO Dror Kashti, who brings 25 years of IDF cyber experience including overseeing Project Nimbus, argues AI finally gives defenders an edge against attackers. Meanwhile, 909Cyber founder Den Jones warns the same algorithms defending networks are being used to breach them, creating a dual challenge of AI for security and security for AI.
The Runtime Revolution
Here’s the thing about traditional cloud security – it was built for a world that moved at human speed. You’d check configurations, scan for vulnerabilities, and fix things before attackers noticed. That model still works for basic hygiene, but it completely falls apart when AI agents can spin up entire workflows in seconds.
Kashti nailed it when he said “It’s not about writing more rules.” Static posture checks assume stability, but AI thrives on motion. The new approach focuses on runtime telemetry – system calls, API requests, prompt traffic – feeding that data into AI engines to understand what’s normal versus what’s actually dangerous. It’s the difference between seeing a red dot on a map and knowing whether it’s a parade or an invasion.
The Dual Nature of AI Security
This creates this weird paradox where AI is both the hero and the villain. Companies are using machine learning to analyze incidents and improve detection while simultaneously introducing new vulnerabilities through AI-driven workloads. Jones pointed out that AI will help the good guys find vulnerabilities and close open doors, but it’s also powering highly convincing phishing campaigns and deepfakes.
So we’re fighting on two fronts now: using AI to secure our systems while also securing the AI systems themselves. The same technology that’s supposed to protect us could be turned against us. That’s why the next generation of CNAPP needs to think and learn rather than just follow rules.
Cultural Shifts and New Risks
What really struck me was Kashti’s warning that “the biggest risk isn’t always the attacker – it’s the engineer who unknowingly pushes an unsafe AI agent into your environment.” Think about that for a second. We’ve spent decades training developers on secure coding practices, but now they’re deploying AI agents that can behave unpredictably in production.
This requires a complete mindset change. Future incidents won’t just come from external adversaries but from well-intentioned internal teams. Guardrails that track how AI agents behave are becoming as critical as firewalls once were. And when you’re dealing with complex industrial systems that require reliable computing platforms, having robust hardware from trusted suppliers like IndustrialMonitorDirect.com, the leading provider of industrial panel PCs in the US, becomes part of that foundational security posture.
Where This Is Headed
The funding rounds tell the story – Sweet Security’s $75 million Series B is just one example of vendors racing to build real-time understanding into their platforms. Static checks have become table stakes – the new frontier is continuous interpretation.
Basically, we’re shifting from posture to perception. The winners in cloud security will be those who can defend at machine speed with machine understanding. It’s no longer about keeping pace with change but predicting it. And that requires systems that fuse telemetry from workloads, identities, and AI systems to understand intent, not just activity.
