Hype Check: Is 'AI-Powered Security' Real, or a Sticker on the Box?

Let me steelman the claim before puncturing it. "AI-powered security" is not pure sticker. There is a real, defensible technique behind it: instead of writing a fixed rule for every bad thing, you train a model on what normal looks like and let it flag what does not fit. That is genuinely better than signatures for catching novel attacks, and it is patented. Darktrace's grant US12652290B2, "Cyber security for software-as-a-service factoring risk" (issued June 9, 2026; CPC includes G06N 3/08 and G06N 20/00, the machine-learning classes), applies learned models to SaaS risk.

Zscaler goes further in the same direction with US12647458B2, "Breach prediction via generative artificial intelligence (AI) with multi-dimensional machine learning models" (issued June 2, 2026; CPC H04L 63/1491). The title says the quiet part: this is about predicting breaches, not just detecting attacks in progress. That is the frontier of the marketing — and the frontier of the overpromise.

Now check the story against the disclosure. A breach-prediction model does what every probabilistic model does: it estimates a likelihood from patterns in data. It does not know the future; it ranks risk. The honest reading of "breach prediction" is "prioritized risk scoring," which is useful — it tells a stretched security team where to look first — but it is not the clairvoyance the phrase implies. The patent claims a method for estimating; it cannot claim, because nothing can, that the estimate is right.

I would love to believe the autonomous-AI-defender narrative, but the structure resists it. Machine-learning detection trades one problem for another: signatures miss novel attacks but rarely cry wolf; behavioral models catch novel attacks but generate false positives, because "unusual" and "malicious" are not the same thing. Every AI-security deployment lives on that trade-off, and no patent abolishes it.

So is AI-powered security real or a sticker? Both, and the test is the verb. "Detects anomalies," "scores risk," "prioritizes alerts" — real, patented, useful. "Predicts breaches," "autonomous defense," "stops attacks before they happen" — the same machinery, with the uncertainty filed off. The grounded read: the method is genuine, the certainty is sold. Read the verb, not the adjective.