Bank built its own threat hunting agent because vendors can’t keep pace with new threats
AI helped send weekly threat signal count from 80 million to 400 billion, then helped response time shrink from two days to 30 minutes
by Simon Sharwood · The Register
Australia’s Commonwealth Bank built its own agentic AI threat hunting tools, because vendors are too slow to develop tools that can cope with emerging AI-powered threats, according to General Manager of Cyber Defence Operations Andrew Pade.
Speaking at analyst firm Gartner’s Security & Risk Management Summit in Sydney on Tuesday, Pade said he joined the bank six years ago when it logged 80 million daily threat signals. That figure now tops four billion, and he said AI is one reason for the growth.
Pade told the event that the bank investigated attacks such as phishing emails and sites, and found the same code – sometimes including clear artefacts of AI coding tools – in many different attacks.
“The lure changed, but the backend was the same,” he said. Since the advent of AI, the volume of attacks the bank detects has also increased.
“When I joined [six years ago], we ingested 80 million signals a week,” Pade said. “Last week it was 400 billion.”
“You cannot manage that with traditional cyber defences.”
Pade worried that the sheer scale of threats is also a career-killer. He said the bank now hires graduates with cybersecurity skills, a change from his own career path that saw early-career IT workers start on a help desk and learn infosec on the job. He said cybersecurity graduates now walk into a high-pressure environment that represents a mental health challenge.
“One of the things that really concerns me is taking that off the table,” Pade said.
“I wanted our first-level analysts to access the same knowledge our senior people have, in the fastest way,” he added. “That was the tipping point: How do I take scale off the table, and how do I ensure all our agents are working in cyber in 20 years’ time” instead of burning out?
The bank’s response was to build its own agentic AI tool that ingests threat information from sources such as new research, analyses it using the bank’s own data, and identifies threats that could pose a risk to its sprawling estate of legacy systems, on-prem infrastructure, SaaS, and cloud-hosted workloads.
Pade said building that tool was necessary because infosec vendors can’t keep up with emerging threats and the bank can’t wait for a product. He said the bank previously required two days to assess the seriousness of emerging threats and prepare a hypothesis about the risks they pose. The agent does it in 30 minutes and prepares reports.