Mara opens September 2026Request early access
Mara
R-066 May 2026 · 6 min

The defender's dilemma, and what AI does to it.

AI lowers the cost of attack and defence at once. The honest question is which side gains more, and why we think it is the defender.

The defender's dilemma is old and unfair. An attacker needs one way in. A defender has to cover every way at once, on a budget, while doing four other jobs. AI is now pressing on both sides of that asymmetry, and the interesting question is which side it helps more.

The pessimistic read is everywhere: models lower the cost of phishing, of reconnaissance, of writing throwaway malware variants, of turning a clumsy lure into fluent prose in any language. All true. All already happening. Generation is cheap now, and a great deal of offence is generation.

Where the defender actually gains.

But most defensive work is not generation. It is reading. Reading a queue of alerts and deciding which three matter. Reading a sandbox trace that is mostly noise. Reading six months of tickets to find the pattern nobody wrote down. That is comprehension at a volume no human can sustain, and it is exactly what a capable model does well.

  • ·Triage at the volume the queue actually arrives in, not the volume a tired analyst can reach by end of shift.
  • ·Correlation across sources that live in different tools and never get joined by hand.
  • ·Drafting the artefact, the post-mortem, the customer note, the detection rule, so the knowledge survives the shift change.
Offence is generation. Defence is comprehension. The asymmetry has not gone away, it has changed sides.

We are not naive about this. The same model that reads a trace can help write one. That is why the line Mara will not cross is drawn explicitly and documented, and why we think the defender's version of this technology has to be built deliberately, by people who will say no to the other use. Left to the market, the offensive tooling builds itself. The defensive tooling has to be chosen.

Our bet is that comprehension, applied honestly and at scale, is worth more to the defender than generation is to the attacker. Not because the attacker gains nothing. Because the defender has far more reading to do, and now has something that can help do it.

Mara is a research preview from venode. Feedback, corrections and disagreements welcome, mara@venode.ai.

More notes
  1. R-05

    Prompt injection is the memory-safety bug of our decade.

    Why the defining vulnerability of AI security tooling is the one where attacker-controlled text becomes model instruction, and how Mara is built to contain it.

  2. R-07

    The state of AI in cyber, a mid-2026 review.

    Where the field actually is, the parts we think are real and the parts we think are noise: agentic tooling, model-found bugs, the evaluation gap, adversary use, and governance.

  3. R-01

    Reasoning about an unknown sample.

    How Mara approaches a piece of malware it has never seen before: what to look at, what to suspend judgement on, and where to begin.