Microsoft researchers bullish on AI security agent even though it let 74% of malware slip through
(2025/08/06)
- Reference: 1754514015
- News link: https://www.theregister.co.uk/2025/08/06/microsofts_ai_agent_malware_detecting/
- Source link:
Microsoft has rolled out an autonomous AI agent that it claims can detect malware without human assistance.
The prototype, [1]called Project Ire , reverse engineers software "without any clues about its origin or purpose," and then determines if the code is malicious or benign, using large language models (LLM) and a bunch of callable reverse engineering and binary analysis tools.
"It was the first reverse engineer at Microsoft, human or machine, to author a conviction case — a detection strong enough to justify automatic blocking — for a specific advanced persistent threat (APT) malware sample, which has since been identified and blocked by Microsoft Defender," Redmond claimed in a Tuesday blog post.
[2]
If it performs as promised, and at scale, Project Ire will help relieve security analysts of the tedious work of manually analyzing every sample and classifying it as either good or bad. This can take hours, leading to [3]alert fatigue and burnout , and it also means that there are fewer human eyes and brains focused on the really sophisticated and fast-moving threats that require immediate detection and blocking.
[4]
[5]
But that's still a big if at this point.
In a real-world test of about 4,000 "hard-target" files, meaning that they weren't classified by automated systems and would otherwise be manually reviewed by human reverse engineers, nearly 9 out of 10 files (89 percent) that Project Ire flagged as malicious were actually malicious.
[6]
However, the AI agent only detected about a quarter (26 percent) of all the malware in this test.
"While overall performance was moderate, this combination of accuracy and a low error rate suggests real potential for future deployment," the Microsoft security engineers wrote.
The prototype will be integrated into Microsoft's Defender suite of security tools that encompass antivirus, endpoint, email, and cloud security as a binary analyzer for threat detection and software classification.
[7]
"Our goal is to scale the system's speed and accuracy so that it can correctly classify files from any source, even on first encounter," according to Microsoft. "Ultimately, our vision is to detect novel malware directly [8]in memory, at scale."
Buzzy, but not new
AI-based malware analysis is not new, with [9]antivirus vendors like Cylance using machine learning to analyze files for nearly a decade.
However, "what we learned then and that can be applied now is that the best results for malware detection involve a combination of deterministic (like patterns and signatures), machine learning and probabilistic techniques (AI/GenAI) approaches," Gartner VP Neil MacDonald told The Register via email in response to questions about Project Ire.
[10]AI agents swarm Microsoft Security Copilot
[11]We're calling it now: Agentic AI will win RSAC buzzword Bingo
[12]Did someone say AI agents, Google asks, bursting in
[13]Vibe coding tool Cursor's MCP implementation allows persistent code execution
"That's why in this case, Microsoft highlighted its use in the SOC as far as an incident detection and response process rather than inline as a preventative control," he said.
MacDonald did note the "relatively high percentage of false positives and false negatives documented in the paper show the limitations of this approach."
Still, that's not to say that security companies shouldn't invest in AI, he added.
"It is clear that, moving forward in a world where hackers will leverage AI for quickly creating new and novel attacks, this type of AI/GenAI-based approach will be critical to keeping up with the volume and variations of new threats," MacDonald said. "AI, in the hands of the defenders, will be necessary to offset the threat of AI in the hands of the attackers."
All aboard the AI train
Indeed, Microsoft's announcement comes as all of the big security companies double down on AI, especially AI agents — both integrating them into their enterprise tools and also helping companies protect their data and people against the myriad threats that AI systems and agents introduce.
While Redmond is arguably furthest along in this process of stuffing AI and [14]task-specific agents into all of its security products, Google is also developing its own army of AI agents including [15]one that analyzes malware and determines the extent of the threat it poses.
The Chocolate Factory announced this malware analysis agent at its annual Cloud Next event, and at the time, said it would be [16]available in preview for select Google customers this year.
Late last month, Palo Alto Networks inked a [17]$25-billion deal to buy Israeli biz CyberArk and bring the smaller firm's identity security tech, which not only verifies human identities but also machines and AIs, into its larger security platform.
Machine identities outnumber those of humans by 40 to one, according to CyberArk, and this number is expected to skyrocket as more companies use AI agents. ®
Get our [18]Tech Resources
[1] https://www.microsoft.com/en-us/research/blog/project-ire-autonomously-identifies-malware-at-scale/
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://www.theregister.com/2024/05/23/cisco_survey_2024/
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[8] https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/?lang=fr_ca
[9] https://www.theregister.com/2017/04/05/cylance_restructuring/
[10] https://www.theregister.com/2025/03/24/microsoft_security_copilot_agents/
[11] https://www.theregister.com/2025/04/23/agentic_ai_rsac/
[12] https://www.theregister.com/2025/04/10/google_agentic_ai_cloud_next/
[13] https://www.theregister.com/2025/08/05/mcpoison_bug_abuses_cursor_mcp/
[14] https://www.theregister.com/2025/03/24/microsoft_security_copilot_agents/
[15] https://www.theregister.com/2025/04/09/google_enterprise_security_ambitions/
[16] https://cloud.google.com/blog/products/identity-security/driving-secure-innovation-with-ai-google-unified-security-next25
[17] https://www.theregister.com/2025/07/30/palo_alto_networks_inks_25b/
[18] https://whitepapers.theregister.com/
The prototype, [1]called Project Ire , reverse engineers software "without any clues about its origin or purpose," and then determines if the code is malicious or benign, using large language models (LLM) and a bunch of callable reverse engineering and binary analysis tools.
"It was the first reverse engineer at Microsoft, human or machine, to author a conviction case — a detection strong enough to justify automatic blocking — for a specific advanced persistent threat (APT) malware sample, which has since been identified and blocked by Microsoft Defender," Redmond claimed in a Tuesday blog post.
[2]
If it performs as promised, and at scale, Project Ire will help relieve security analysts of the tedious work of manually analyzing every sample and classifying it as either good or bad. This can take hours, leading to [3]alert fatigue and burnout , and it also means that there are fewer human eyes and brains focused on the really sophisticated and fast-moving threats that require immediate detection and blocking.
[4]
[5]
But that's still a big if at this point.
In a real-world test of about 4,000 "hard-target" files, meaning that they weren't classified by automated systems and would otherwise be manually reviewed by human reverse engineers, nearly 9 out of 10 files (89 percent) that Project Ire flagged as malicious were actually malicious.
[6]
However, the AI agent only detected about a quarter (26 percent) of all the malware in this test.
"While overall performance was moderate, this combination of accuracy and a low error rate suggests real potential for future deployment," the Microsoft security engineers wrote.
The prototype will be integrated into Microsoft's Defender suite of security tools that encompass antivirus, endpoint, email, and cloud security as a binary analyzer for threat detection and software classification.
[7]
"Our goal is to scale the system's speed and accuracy so that it can correctly classify files from any source, even on first encounter," according to Microsoft. "Ultimately, our vision is to detect novel malware directly [8]in memory, at scale."
Buzzy, but not new
AI-based malware analysis is not new, with [9]antivirus vendors like Cylance using machine learning to analyze files for nearly a decade.
However, "what we learned then and that can be applied now is that the best results for malware detection involve a combination of deterministic (like patterns and signatures), machine learning and probabilistic techniques (AI/GenAI) approaches," Gartner VP Neil MacDonald told The Register via email in response to questions about Project Ire.
[10]AI agents swarm Microsoft Security Copilot
[11]We're calling it now: Agentic AI will win RSAC buzzword Bingo
[12]Did someone say AI agents, Google asks, bursting in
[13]Vibe coding tool Cursor's MCP implementation allows persistent code execution
"That's why in this case, Microsoft highlighted its use in the SOC as far as an incident detection and response process rather than inline as a preventative control," he said.
MacDonald did note the "relatively high percentage of false positives and false negatives documented in the paper show the limitations of this approach."
Still, that's not to say that security companies shouldn't invest in AI, he added.
"It is clear that, moving forward in a world where hackers will leverage AI for quickly creating new and novel attacks, this type of AI/GenAI-based approach will be critical to keeping up with the volume and variations of new threats," MacDonald said. "AI, in the hands of the defenders, will be necessary to offset the threat of AI in the hands of the attackers."
All aboard the AI train
Indeed, Microsoft's announcement comes as all of the big security companies double down on AI, especially AI agents — both integrating them into their enterprise tools and also helping companies protect their data and people against the myriad threats that AI systems and agents introduce.
While Redmond is arguably furthest along in this process of stuffing AI and [14]task-specific agents into all of its security products, Google is also developing its own army of AI agents including [15]one that analyzes malware and determines the extent of the threat it poses.
The Chocolate Factory announced this malware analysis agent at its annual Cloud Next event, and at the time, said it would be [16]available in preview for select Google customers this year.
Late last month, Palo Alto Networks inked a [17]$25-billion deal to buy Israeli biz CyberArk and bring the smaller firm's identity security tech, which not only verifies human identities but also machines and AIs, into its larger security platform.
Machine identities outnumber those of humans by 40 to one, according to CyberArk, and this number is expected to skyrocket as more companies use AI agents. ®
Get our [18]Tech Resources
[1] https://www.microsoft.com/en-us/research/blog/project-ire-autonomously-identifies-malware-at-scale/
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://www.theregister.com/2024/05/23/cisco_survey_2024/
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aJPQftEybkErEIMKXX4kYwAAAQU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[8] https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/?lang=fr_ca
[9] https://www.theregister.com/2017/04/05/cylance_restructuring/
[10] https://www.theregister.com/2025/03/24/microsoft_security_copilot_agents/
[11] https://www.theregister.com/2025/04/23/agentic_ai_rsac/
[12] https://www.theregister.com/2025/04/10/google_agentic_ai_cloud_next/
[13] https://www.theregister.com/2025/08/05/mcpoison_bug_abuses_cursor_mcp/
[14] https://www.theregister.com/2025/03/24/microsoft_security_copilot_agents/
[15] https://www.theregister.com/2025/04/09/google_enterprise_security_ambitions/
[16] https://cloud.google.com/blog/products/identity-security/driving-secure-innovation-with-ai-google-unified-security-next25
[17] https://www.theregister.com/2025/07/30/palo_alto_networks_inks_25b/
[18] https://whitepapers.theregister.com/