AI Is a Force Multiplier for Defenders and Attackers Both, Says Check Point CTO
Jonathan Zanger says every AI platform his team examined over the past year had serious security flaws. The fix is not to avoid AI. It is to build security in from the start.

Key points
- Check Point Software CTO Jonathan Zanger told CSO Online that his company found serious security vulnerabilities in every AI platform it examined during 2024 and 2025.
- Check Point now runs roughly 300 automated AI instances that continuously probe and test its own products, up from human-only red teams.
- Zanger says AI has let smaller criminal groups launch phishing campaigns, meaning fake-email scams, with far less skill than was previously required.
- The CTO warned that AI systems are harder to protect than traditional software because their behavior is not fully predictable.
- Zanger's headline recommendation: treat security as a first step in any AI project, not an afterthought.
Check Point Software Technologies CTO Jonathan Zanger sat down with CSO Online at the company's Engage 2026 conference in Paris last week. The conversation covered one central tension: the same AI technology making defenders faster is making criminals faster too.
Does AI actually help attackers more than it helps defenders?
Not necessarily, but it is closer than the industry likes to admit. Zanger was direct about the upside for criminals. AI has lowered the skill bar for running phishing campaigns, which are scams where criminals send fake emails to trick people into handing over passwords or money. Groups that previously lacked the technical knowledge to mount large-scale attacks can now do so. More people are entering offensive hacking as a result.
On the defender side, Check Point has used AI to scale work that used to depend entirely on scarce human experts. The company's internal red teams, whose job is to attack Check Point's own products to find weaknesses before criminals do, now work alongside roughly 300 AI software agents running around the clock. Zanger says those teams operate about 20 times more efficiently than before.
The uncomfortable counterpoint: Zanger said Check Point found serious vulnerabilities in every AI platform it studied over the past year, and in all major AI development tools. He was careful not to single out specific vendors. His point was structural. Innovation moves faster than security. Companies race to ship new AI products, and security checks get left for later.
The practical upshot for any organisation buying or building AI tools: do not assume a product is safe because the company behind it has a good reputation.
AI systems also create a new kind of security headache that traditional software did not. Older business software was deterministic, meaning it gave predictable outputs for predictable inputs, which made it easier to monitor and protect. AI understands natural language and handles ambiguous requests. Its behaviour can vary in ways no one anticipated. That unpredictability makes it harder to write rules that catch bad behaviour.
There is a second structural problem. AI tools are only as useful as the company data they can reach, so businesses tend to connect them to as many internal systems as possible. Every new connection is a door. More doors mean more ways for criminals to break in.
Zanger's answer to both problems is prevention rather than reaction. When an automated attack can cause real damage in seconds, spotting it after the fact is often too late. He recommends AI-based systems that simulate attacker behaviour and hunt for weaknesses before criminals find them, rather than waiting for an alert after something goes wrong.
For ordinary people, the most immediate risk remains phishing. AI makes fake emails look more convincing and arrive in higher volumes. If you receive an unexpected email asking you to click a link, reset a password, or approve a payment, verify the request through a separate channel before acting.



