candid wuest
Candid Wuest is an experienced cybersecurity expert with over 25 years of passion in the field of security. He currently works as a Principal Security Advocate for xorlab a messaging security startup in Switzerland. Previously, he was the VP of Cyber Protection Research at Acronis, where he led the creation of the security department and the development of their EDR product. Before that, he spent more than sixteen years building Symantec's global security response team as the tech lead, analyzing malware and threats – from NetSky to Stuxnet. Wuest has published a book and various whitepapers and has been featured as a security expert in top-tier media outlets. He is a frequent speaker at security-related conferences, including RSAC and BlackHat, and organizer of AREA41. He learned coding and the English language on a Commodore 64. He holds a Master of Computer Science from ETH Zurich and has various patents and useless certifications.
Session
This talk explores the rise of AI-powered malware, focusing on Agentic AI and its potential for autonomous threats. We’ll introduce agentic malware, discussing its key features such as autonomy, self-learning, behavior adaptation, and real-time evasion. We’ll walk you through our proof-of-concept autonomous PowerShell agent, demonstrating how it dynamically generates and executes code in memory, resulting in metamorphic obfuscation. Using reasoning models like the Responses API and Sonar, the agent creates strategies to achieve its goals.
Finally, we’ll cover mitigation strategies, such as monitoring AI-related outbound traffic and increasing execution visibility. While agentic AI shows promise in automating pentesting, current malware implementations still offer only limited practical advantages over traditional methods.
Join us to gain insights into why Agentic AI isn’t the end of cybersecurity - yet.