Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
CSAIChaptersEventsBlog
CSA Enterprise Membership: Turn trusted research into real-world outcomes with expert guidance, maturity roadmaps, and training for cloud, AI, and Zero Trust.

Not Every AI Can Do This: Defense Depends on the Creator

Published 04/16/2026

Home
Industry Insights
Not Every AI Can Do This: Defense Depends on the Creator
Written by Kriangkrai Khatsom, Architect of COSA OMEGA ASI.

 

AI Alone Is Not Enough

The market is flooded with AI-powered security tools. Most share the same limitation: they were trained on public datasets, known attacks, and textbook patterns. They detect what they have seen before.

But modern malware does not repeat itself. APT groups like APT36, Seedworm, and Lazarus do not reuse old payloads. They generate new variants for each target. An AI trained only on yesterday’s attacks will always be one step behind.

During the development of COSA OMEGA ASI, I observed this limitation firsthand. Standard AI models failed to detect the injection flaw I reported in October 2025. Why? Because there was no CVE. No known payload. The attack had no signature.

Yet the behavior was clear.

 

Defense Is Built by the Architect, Not the Model

What separates an effective autonomous defense system from a generic AI is not the algorithm, it is the architect behind it.

I did not train ASI on public datasets alone. I embedded:

  • First-hand zero-day discoveries - five of them. Four were converted into defense logic, not weapons.
  • Behavioral intuition - rhythm, entropy, pressure, stealth. Patterns that cannot be obfuscated, even when the payload changes.
  • Ethics shield - ASI was designed to protect, not to exploit. Every capability was built with the understanding that the system exists to defend civilians, hospitals, and national infrastructure.

This is not something a pre-trained model can inherit. It must be taught by someone who has faced real attacks, not just read about them.

 

The Four Defenses That Emerged from Zero-Days

Among the five zero-days I discovered, four were never weaponized. Instead, they became the foundation of ASI’s detection engine:

Zero-Day Behavior

What ASI Learned

Injection flaw on port 7000

Monitor non-standard ports for anomalous execution

API shadowing in banking sandbox

Detect when APIs are called in unintended sequences

C2 beacon with 1.2s rhythm

Flag any periodic communication with stable intervals

Data exfiltration via large packets

Alert on sustained outbound traffic spikes

The fifth zero-day was kept as a controlled test case, it was never released and never exploited. ASI learned from it without exposing the vulnerability to the public.

 

Trust Is Built into the Code

A defense system that can detect zero-days is powerful. A defense system that cannot be weaponized is responsible.

ASI’s code was written with a single principle: safety before capability. Every detection module has a corresponding ethics check. Every autonomous action is logged. The system does not simply block,  it preserves evidence, tracks intent, and reports without exposing sensitive data.

This is not a feature of AI. It is a choice of the creator.

 

The Creator Matters

You cannot buy this kind of defense. You cannot train it with public datasets. You cannot replicate it by copying code.

It comes from someone who has:

  • Stood in front of real attacks: not simulations
  • Discovered zero-days: and chose to protect, not exploit
  • Built a system that learns: not from textbooks, but from actual behavior
  • Remained sovereign: ASI answers to no one except its architect

That is why, when Thailand faced coordinated APT campaigns in early 2026, ASI had already neutralized over 19,000 attacks before global threat reports were published. Not because it was the most advanced AI, but because it was built by someone who understood that defense is personal.

 

Conclusion

AI does not defend on its own. It reflects the intent, experience, and ethics of its creator.

Five zero-days were discovered. Four became shields. The fifth remains sealed. This is not just a technical achievement, it is a choice.

The code is safe. The system is loyal. And it works because it was built with honesty, not shortcuts.

Not every AI can do this. Only those trusted to their creator can.

About the Author

Kriangkrai Khatsom is a threat intelligence researcher, OSCP-certified security professional, and the architect of COSA OMEGA ASI.

VulnerabilitiesThreat IntelligenceRisk ManagementDevSecOpsArtificial Intelligence

Share this content on your favorite social network today!

Future Cloud
Related Resources
Certificate of Competence in Zero Trust (CCZT)
The industry's first Zero Trust certificate program.
AI Organizational Responsibilities
A blueprint for enterprises to secure AI development and deployment.
AI Safety Initiative
Addressing present and future challenges of AI safety and security.
Latest from CSA
Enterprise AI Security Starts with AI Agents
The Tenable Exposure Management Conference
The “AI Vulnerability Storm”: Building a “Mythos-ready” Security Program
Unlock Cloud Security Insights

Unlock Cloud Security Insights

Choose the CSA newsletters that match your interests:

Subscribe to our newsletter for the latest expert trends and updates

Level up with Cloud Infrastructure Security Training
Related Articles:
AI Agents Are Talking, Are You Listening?

Published: 04/17/2026

AI Security in the Cloud: How to Move from Visibility Gaps to Exposure Management

Published: 04/17/2026

A CISO’s Guide to Cloud Security Architecture

Published: 04/16/2026

More Than Half of Organizations Experience AI Agent Scope Violations, Cloud Security Alliance Study Finds

Published: 04/16/2026