Fact vs Hype: How Threat Actors Are Really Using AI Right Now
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researcher Crane Hassold and Digital Defense Report lead Chloe Mesdaghi for a grounded, practitioner-led discussion on where artificial intelligence actually stands today. Moving beyond hype and fear-driven narratives, the conversation examines how AI is realistically being used by threat actors, where its impact is often overstated, and why defenders currently stand to gain the most from AI-driven tooling.
The episode explores AI’s strengths in detection, triage, and workflow acceleration, the psychology and incentives that shape attacker behavior, and emerging risks such as prompt injection and AI systems becoming direct attack targets.
In this episode you’ll learn:
- Where AI is genuinely being used in real-world cyber operations
- Why AI systems themselves are becoming attractive targets for attackers
- How AI is accelerating defensive workflows like detection engineering and threat triage
Some questions we ask:
- What does AI do well right now, and where has it been overpromised?
- Does AI shift the balance of power toward defenders or attackers?
- Why are prompt injection and agent manipulation such serious concerns?
Resources:
View Chloé Messdaghi on LinkedIn
View Crane Hassold on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
Microsoft Threat Intelligence 