AI security tools finally shift from gimmicks to useful automation, says analyst

Generative AI in cybersecurity is moving beyond basic chatbots and content creation toward more meaningful applications that actually solve security professionals’ pain points. Speaking at the recent The-C2 conference in London, Forrester analyst Allie Mellen highlighted how the initial wave of AI security tools often missed the mark, while newer AI agent technologies are beginning to deliver tangible value through task automation and simplified workflows. This evolution comes amid growing concerns about supply chain resilience and the persistent importance of basic security hygiene.

The big picture: After two years of generative AI in security tools, the industry is finally shifting from gimmicky features to practical applications that address real security challenges.

• Early genAI security features like human-readable case descriptions and query language translation provided limited value and sometimes even complicated analysts’ workflows.
• The next wave of innovation centers on AI agents that can automate alert triage for phishing and endpoint protection, and simplify complex migrations between security information and event management (SIEM) systems.

What’s working: Only a handful of generative AI applications have proven genuinely useful for security teams so far.

• Automated report writing has streamlined documentation processes.
• Translation between human languages has facilitated better global collaboration.
• Script analysis capabilities have enhanced security teams’ ability to identify potentially malicious code.

Why this matters: The combination of automating mundane tasks at scale while maintaining explainability is driving better outcomes for security analysts who are typically overloaded with alerts and repetitive work.

Beyond AI: Supply chain security remains a complex and growing challenge that intersects with generative AI concerns.

• Software bills of materials (SBOMs), which document exactly what components are in software, should be critical requirements for providers but industry adoption has lagged.
• As generative AI applications proliferate, understanding how data is being used and protected throughout the supply chain becomes increasingly difficult.

The bottom line: Despite technological advances, basic security hygiene remains the foundation of effective cybersecurity.

• Addressing critical unpatched vulnerabilities often delivers more security impact than implementing flashy new technologies.
• Forrester’s research emphasizes the importance of continuous enhancement of visibility, prioritization, and remediation customized to specific business needs.