Bruce Schneier explores how AI-driven 'instant software' will reshape cybersecurity. He outlines an optimistic scenario where AI tools continuously scan and patch vulnerabilities, potentially enabling self-healing networks. Key unknowns include how well AI will find flaws in closed-source and legacy code, how reliably it can write secure code, how fast patches can be deployed, and whether AI defensive systems can resist manipulation like prompt injection. Attackers will shift toward social engineering and zero-day hoarding as software vulnerabilities become harder to exploit, while defenders benefit from code diversity in ephemeral AI-generated software and coordinated vulnerability sharing.
Table of contents
Cybersecurity in the Age of Instant SoftwareHow flaw discovery might workAutomating patch creationPatching lags and legacy softwareToward self-healingVulnerability economicsUp the stackSort: