{"id":545961,"date":"2026-03-17T10:09:07","date_gmt":"2026-03-17T10:09:07","guid":{"rendered":"https:\/\/www.newsbeep.com\/au\/545961\/"},"modified":"2026-03-17T10:09:07","modified_gmt":"2026-03-17T10:09:07","slug":"bank-built-its-own-ai-threat-hunter-because-vendors-cant-the-register","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/au\/545961\/","title":{"rendered":"Bank built its own AI threat hunter because vendors can\u2019t \u2022 The Register"},"content":{"rendered":"<p>Australia\u2019s Commonwealth Bank built its own agentic AI threat hunting tools, because vendors are too slow to develop tools that can cope with emerging AI-powered threats, according to General Manager of Cyber Defence Operations Andrew Pade.<\/p>\n<p>Speaking at analyst firm Gartner\u2019s Security &amp; Risk Management Summit in Sydney on Tuesday, Pade said he joined the bank six years ago when it logged 80 million daily threat signals. That figure now tops four billion, and he said AI is one reason for the growth.<\/p>\n<p>Pade told the event that the bank investigated attacks such as phishing emails and sites, and found the same code \u2013 sometimes including clear artefacts of AI coding tools \u2013 in many different attacks.<\/p>\n<p>\u201cThe lure changed, but the backend was the same,\u201d he said. Since the advent of AI, the volume of attacks the bank detects has also increased.<\/p>\n<p>\u201cWhen I joined [six years ago], we ingested 80 million signals a week,\u201d Pade said. \u201cLast week it was 400 billion.\u201d<\/p>\n<p>\u201cYou cannot manage that with traditional cyber defences.\u201d<\/p>\n<p>Pade worried that the sheer scale of threats is also a career-killer. He said the bank now hires graduates with cybersecurity skills, a change from his own career path that saw early career IT workers start on a help desk and learn infosec on the job. He said cybersecurity graduates now walk into a high-pressure environment that represents a mental health challenge.<\/p>\n<p>\u201cOne of the things that really concerns me is taking that off the table,\u201d Pade said.<\/p>\n<p>\u201cI wanted our first-level analysts the access the same knowledge our senior people have, in the fastest way,\u201d he added. \u201cThat was the tipping point: How do I take scale off the table, and how do I ensure all our agents are working in cyber in 20 years time\u201d instead of burning out?<\/p>\n<p>The bank\u2019s response was to build its own agentic AI tool that ingests threat information from sources such as new research, analyses it using the bank\u2019s own data, and identifies threats that could pose a risk to its sprawling estate of legacy systems, on-prem infrastructure, SaaS, and cloud-hosted workloads.<\/p>\n<p>Pade said building that tool was necessary because infosec vendors can\u2019t keep up with emerging threats and the bank can\u2019t wait for a product. He said the bank previously required two days to assess the seriousness of emerging threats and prepare a hypothesis about the risks it poses. The agent does it in 30 minutes and prepares reports.<\/p>\n<p>The bank developed a second agent that looks for indicators of compromise and rapidly produces reports that Pade said elevates infosec analysts\u2019 roles from drudgery to problem solving.<\/p>\n<p>AI also created problems for his team when the bank used the tech to conduct red team security assessments. Pade said human-authored red team reports include detailed evidence to satisfy a lawyer, but AI-generated documents may not report the same threat twice.<\/p>\n<p>\u201cAI is non-deterministic,\u201d Pade said. \u201cSo we had to find a way to put deterministic points in a non-deterministic flow. It was a real mind shift for our red teams.\u201d<\/p>\n<p>The bank now tries to assign deterministic outcomes to attacks, so its agents can make more repeatable predictions.<\/p>\n<p>Developing agents proved tricky. Pade said his team asked the bank\u2019s data scientists for help, as they are already skilled at creating AI applications that he said represent \u201creal AI\u201d rather than \u201cautomation on steroids.\u201d<\/p>\n<p>Their first attempt at creating tools for the bank\u2019s infosec teams \u201cdidn\u2019t solve the problem,\u201d Pade admitted. Once frontline security staffers worked alongside data scientists a useful tool emerged.<\/p>\n<p>\u201cThrowing the problem over the fence and waiting for a solution was not the answer,\u201d Pade said. \u201cThey knew the AI, we knew the outcome. The people closest to your problem are best to solve it.\u201d<\/p>\n<p>The security chief said the bank is now \u201clearning how to integrate AI to take the monotony out of our day\u201d and suggested every organization needs to do the same given AI will mean cyber-criminals can scale the volume of their attacks to new heights.<\/p>\n<p>\u201cYou will see attacks like we do, like it or not,\u201d he said. \u201cI would be asking your teams: \u2018How are we solving that problem?\u2019\u201d \u00ae<\/p>\n","protected":false},"excerpt":{"rendered":"Australia\u2019s Commonwealth Bank built its own agentic AI threat hunting tools, because vendors are too slow to develop&hellip;\n","protected":false},"author":2,"featured_media":545962,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[256,254,255,64,63,105],"class_list":{"0":"post-545961","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-artificial-intelligence","8":"tag-ai","9":"tag-artificial-intelligence","10":"tag-artificialintelligence","11":"tag-au","12":"tag-australia","13":"tag-technology"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/posts\/545961","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/comments?post=545961"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/posts\/545961\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/media\/545962"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/media?parent=545961"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/categories?post=545961"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/au\/wp-json\/wp\/v2\/tags?post=545961"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}