![Security Research Insights by [Your Name]](https://i0.wp.com/tomerwetzler.com/wp-content/uploads/2025/12/Gemini_Generated_Image_r0bx2xr0bx2xr0bx-scaled.png?fit=2560%2C1396&ssl=1)
AI Security is here to stay – whether a bubble pops or not
AI might be a bubble. AI security is not.
Everyone is comparing the current wave and investment to the dot com bubble.
And what happened was not that web apps were gone – it’s just that only those which actually brought value have survived.
And those who survived? Still needed security. A lot of it.
So, who’s going to survive the AI bubble? I don’t know. But I can tell you who won’t.
If at any given point, a Frontier Lab is a feature away from demolishing you and your business model, then you might need to recalculate.
And maybe whatever’s left after the bubble pops is not GPT-10 that is capable of mind reading and requires a fusion reactor to power – but GPT-6 which can provide enough economic value without igniting the atmosphere. And if you use that model in novel ways which are not immediately replicable by the Labs, then maybe you have a chance as well.
But either way, it will still need to be secure.
-
Our approach to AI security cannot be ‘look! I put bad things in and chatbot said bad words!’.
We collectively need to understand how these models work – from their behavior, the way they process text, and how the activations move from input to output.
Just like no one would have been able to find SQL injection without learning SQL and understanding how databases work – so can we not reliably find and defend emergent behavior and future deployment of these systems if we continue to treat these systems as agree-with-me-machine.