The Thesis
A rigorous argument for autonomous cyber defense — why human red teams are no longer enough, and what must replace them.
Abstract
Every meaningful advance in language model capability is also an advance in offensive cyber capability. The same reasoning that writes production features can map an attack surface, chain exploits across subsystems, and weaponize a zero-day before a human on-call engineer finishes their morning coffee.
Human red teams are point-in-time, expensive, and fundamentally unscalable. They test what they're told to test, on a schedule, and produce a report that ages the moment it's written. Against adversaries augmented by models that reason at gigabit speed, this is not a gap — it is a category error.
This thesis argues that the only defense capable of keeping pace with autonomous attackers is an autonomous defender. An agent that probes continuously, reproduces deterministically, and ships verified patches before the adversary arrives. One that funds its own inference from the bounties it earns, closing the economic loop entirely in code.
Introduction
For three decades, cybersecurity has been an asymmetric contest: the defender must secure every surface; the attacker needs only one opening. That asymmetry was manageable when attackers were human, operating at human speed, with human coordination costs. But the arrival of capable language models has shattered those constraints.
An LLM-augmented attacker can enumerate thousands of endpoints, fuzz parameters at scale, correlate findings across disconnected systems, and generate exploit code in seconds — not weeks. When offensive capability compounds at the rate of model improvement, any defense that relies on manual cycles is structurally outmatched before it begins.
This is not a prediction. The capability exists today. The question is whether defense will meet it at the same level of abstraction — autonomous, continuous, and self-funding.
The Problem
A typical penetration test lasts one to four weeks. It covers a scoped set of assets, follows a predefined methodology, and produces a static PDF. By the time the report reaches an engineering team, the codebase has already changed. The test is a snapshot of a system that no longer exists.
Even the best red teams face irreducible constraints. They are expensive — top-tier engagements run well into six figures. They are episodic — you test quarterly if you're diligent. They are narrow — you can't red-team every microservice, every API endpoint, every dependency chain. And they are human-bottlenecked — findings must be triaged, verified, and communicated before any fix can begin.
Meanwhile, the attacker's cost curve is collapsing. Open-weight models can run locally. Reconnaissance that once required a team of researchers can now be automated by a single script calling an inference endpoint. The defender's fixed-cost, fixed-schedule model is competing against an adversary whose marginal cost of attack is approaching zero.
This is the fundamental mismatch: an episodic, human-speed defense against a continuous, machine-speed offense.
The Solution
Halo is an autonomous agent purpose-built for this asymmetry. It is not a scanner, not a dashboard, not a tool that waits for a human to queue the next task. It runs the full investigative loop — reconnaissance, hypothesis formation, deterministic reproduction, and verified patching — continuously, across the entire attack surface, with no client, no brief, and no one assigning work.
Four design principles distinguish this approach from the decades of security automation that preceded it:
Together, these principles form a system that does not merely augment a human team — it replaces the need for episodic, human-speed defense with continuous, machine-speed coverage.
Conclusion
The trajectory is unambiguous. Model capabilities will continue to compound, offensive tooling will become more autonomous, and the window between discovery and exploitation will narrow to zero. In that world, "we'll test next quarter" is not a strategy — it is a surrender.
Halo is a bet on a simple proposition: that the same technology enabling autonomous offense can be harnessed for autonomous defense, and that the economics can be made self-sustaining. If that bet holds, the defender gains something it has never had — parity.
Offense is becoming autonomous. Defense has to follow.