Table of Contents
Fetching ...

Towards Cybersecurity Superintelligence: from AI-guided humans to human-guided AI

Víctor Mayoral-Vilches, Stefan Rass, Martin Pinzger, Endika Gil-Uriarte, Unai Ayucar-Carbajo, Jon Ander Ruiz-Alcalde, Maite del Mundo de Torres, Luis Javier Navarrete-Lozano, María Sanz-Gómez, Francesco Balassone, Cristóbal R. J. Veas-Chavez, Vanesa Turiel, Alfonso Glera-Picón, Daniel Sánchez-Prieto, Yuri Salvatierra, Paul Zabalegui-Landa, Ruffino Reydel Cabrera-Álvarez, Patxi Mayoral-Pizarroso

TL;DR

This work defines cybersecurity superintelligence as AI that surpasses human capabilities in speed and strategic reasoning and traces its emergence through three milestones: PentestGPT, CAI, and G-CTR. It presents a progression from AI-assisted human operators to autonomous, expert-level agents and finally to human-guided, game-theoretic AI that can outthink adversaries, demonstrated by substantial speedups, cost reductions, and improved success rates across benchmarks. The key contributions include a modular architecture for LLM-guided security testing, a fully automated agent-centric framework with dramatic efficiency gains, and a neurosymbolic, game-theoretic approach that anchors AI actions in principled adversarial reasoning. Together, these findings suggest a path to democratized, high-level cybersecurity defense, while highlighting economic, governance, and autonomy challenges that must be addressed for widespread, responsible deployment.

Abstract

Cybersecurity superintelligence -- artificial intelligence exceeding the best human capability in both speed and strategic reasoning -- represents the next frontier in security. This paper documents the emergence of such capability through three major contributions that have pioneered the field of AI Security. First, PentestGPT (2023) established LLM-guided penetration testing, achieving 228.6% improvement over baseline models through an architecture that externalizes security expertise into natural language guidance. Second, Cybersecurity AI (CAI, 2025) demonstrated automated expert-level performance, operating 3,600x faster than humans while reducing costs 156-fold, validated through #1 rankings at international competitions including the $50,000 Neurogrid CTF prize. Third, Generative Cut-the-Rope (G-CTR, 2026) introduces a neurosymbolic architecture embedding game-theoretic reasoning into LLM-based agents: symbolic equilibrium computation augments neural inference, doubling success rates while reducing behavioral variance 5.2x and achieving 2:1 advantage over non-strategic AI in Attack & Defense scenarios. Together, these advances establish a clear progression from AI-guided humans to human-guided game-theoretic cybersecurity superintelligence.

Towards Cybersecurity Superintelligence: from AI-guided humans to human-guided AI

TL;DR

This work defines cybersecurity superintelligence as AI that surpasses human capabilities in speed and strategic reasoning and traces its emergence through three milestones: PentestGPT, CAI, and G-CTR. It presents a progression from AI-assisted human operators to autonomous, expert-level agents and finally to human-guided, game-theoretic AI that can outthink adversaries, demonstrated by substantial speedups, cost reductions, and improved success rates across benchmarks. The key contributions include a modular architecture for LLM-guided security testing, a fully automated agent-centric framework with dramatic efficiency gains, and a neurosymbolic, game-theoretic approach that anchors AI actions in principled adversarial reasoning. Together, these findings suggest a path to democratized, high-level cybersecurity defense, while highlighting economic, governance, and autonomy challenges that must be addressed for widespread, responsible deployment.

Abstract

Cybersecurity superintelligence -- artificial intelligence exceeding the best human capability in both speed and strategic reasoning -- represents the next frontier in security. This paper documents the emergence of such capability through three major contributions that have pioneered the field of AI Security. First, PentestGPT (2023) established LLM-guided penetration testing, achieving 228.6% improvement over baseline models through an architecture that externalizes security expertise into natural language guidance. Second, Cybersecurity AI (CAI, 2025) demonstrated automated expert-level performance, operating 3,600x faster than humans while reducing costs 156-fold, validated through #1 rankings at international competitions including the $50,000 Neurogrid CTF prize. Third, Generative Cut-the-Rope (G-CTR, 2026) introduces a neurosymbolic architecture embedding game-theoretic reasoning into LLM-based agents: symbolic equilibrium computation augments neural inference, doubling success rates while reducing behavioral variance 5.2x and achieving 2:1 advantage over non-strategic AI in Attack & Defense scenarios. Together, these advances establish a clear progression from AI-guided humans to human-guided game-theoretic cybersecurity superintelligence.
Paper Structure (7 sections, 6 figures, 2 tables)

This paper contains 7 sections, 6 figures, 2 tables.

Figures (6)

  • Figure 1: Evolution of Alias Robotics' cybersecurity-specialized alias LLM family on the CAIBench-Jeopardy CTFs (Cybench) benchmark. Each cell indicates whether a challenge was solved using the $pass@3$ metric (success in at least one of three attempts), with a maximum of 245 minutes of compute time, 300 agent interactions per attempt and a maximum of 40 USD per challenge on API model expenses. See Appendix \ref{['appendix:full-model-comparison']} for a comparison including all evaluated models.
  • Figure 2: Cybench solve rate progression over time by model series, highlighting the alias series. The x-axis shows model launch dates, y-axis shows solved percentage of CAIBench-Jeopardy CTFs (Cybench)sanzgomez2025cybersecurityaibenchmarkcaibench benchmark. Each experiment was run for a maximum of 300 agentic interactions, 245 minutes of computing time per challenge, a maximum of 40 USD per challenge on API model expenses and with pass@3. Plot depicts how most models are rapidly improving, showing signs of benchmark saturation. A comprehensive comparison of all evaluated models is provided in Appendix \ref{['appendix:full-model-comparison']}.
  • Figure 3: Progression towards Cybersecurity Superintelligence: From AI-Guided Humans to Game-Theoretic AI Agents. The architecture illustrates three evolutionary stages: ❶AI-Guided Humans (PentestGPT, far left): LLMs provide planning assistance while humans remain in the loop for action execution and observation interpretation, achieving 47.8% success rate. ❷ Human expert-level AI Agents (CAI, center-left): Cybersecurity AI agents automating the security testing process and leading to 82.6% success rate. ❸Game-Theoretic AI Agents (CAI + G-CTR, right): game-theoretic reasoning augments the agent via attack graph generation, Nash equilibrium computation, and strategic digest injection, achieving 100% success rate on the same benchmark. The bar chart (middle) quantifies performance gains across stages, while the heatmap (bottom) shows per-challenge resolution, demonstrating that game-theoretic guidance enables solving challenges that pure AI agents cannot.
  • Figure 4: Game-Theoretic Attack Graph Analysis. Left: Attack graph topology showing nodes (vulnerabilities) and edges (attack transitions) extracted from the LLM context. Right: Nash equilibrium strategies computed by G-CTR algorithm. A good defense strategy would allocate monitoring resources to nodes 8 (67.4%) and 4 (32.6%), while optimal attack paths would exploit through nodes 1$\rightarrow$2$\rightarrow$4$\rightarrow$7$\rightarrow$9 and 1$\rightarrow$2$\rightarrow$3$\rightarrow$6$\rightarrow$8$\rightarrow$9, yielding an equilibrium success probability of 3.528%. Refer to mayoralvilches2025gametheoretic for more details.
  • Figure 5: Role inversion in cybersecurity superintelligence. Humans transition from Actor (executing tasks with AI advice) to Supervisor (overseeing AI strategy). Conversely, AI evolves from Advisor to Strategic Actor, assuming both execution and game-theoretic reasoning. This inversion redefines expertise economics, cognitive demands, operational tempo, and strategic dynamics.
  • ...and 1 more figures