Modern Email Attacks Require Investigation. Detection Alone is No Longer Enough

Oran Moyal

I spent years breaking into security systems, and the pattern was consistent. The attacks that worked were always the ones the system had not seen before. New techniques, new infrastructure, and new approaches were the key. 

That’s the dynamic that we’re up against today. Defenders build around what they’ve observed, and then attackers adjust. They don’t have to mimic something legitimate perfectly. It just requires changing the right detail – the one the system doesn’t account for. 

Once they do, there’s nothing to match against. The signal looks unfamiliar, not malicious, and that’s how the attack gets through. 

Why Detection Models Keep Missing Modern Attacks

Email security was built around a different reality, one in which most attacks reused infrastructure, relied on known payloads, and followed patterns that repeated across campaigns. Targeted attacks existed, but they weren’t mainstream. Detection systems evolved in response to that structure: rules and signatures captured known threats, reputation systems tracked infrastructure, and machine learning extended coverage by identifying variations of previously observed behavior.

Even as the technology advanced, the core approach remained consistent. Systems were trained on historical data and optimized to find similarities. That model worked because the majority of attackers continued to produce recognizable signals that could be learned and reused. But these systems were designed before targeted attacks became mainstream. As attacks evolved, those assumptions began to break down, and the most targeted campaigns consistently achieved higher success rates by moving through security layers without triggering detection.

How AI Changed the Nature of Email Threats

AI has removed the constraints that once limited targeted attacks: it can quickly generate convincing language, replicate context with minimal effort, and apply personalization at scale. What previously required time and precision can now be produced quickly and consistently. The result is a class of attacks that blends directly into legitimate business communication and withstands surface-level inspection, often drawing on external knowledge and, in some cases, on internal data exposed through leaks or compromised vendor and employee accounts.

Where the Signal Actually Lives Now

In this environment, patterns lose their usefulness. The signal has not disappeared, but it has shifted into areas that are harder to evaluate automatically. It now exists in the relationships between participants, in the flow of communication over time, and in whether an interaction makes sense within its broader context.

What Analysts See That Systems Don’t

That shift becomes most visible when looking at how security teams handle these situations. During the early ideation phase of Ocean, we spent time with SOC teams reviewing emails that had bypassed their existing defenses. 

The experience was consistent across teams. Once analysts investigated these emails, they could identify what the system had missed. The process, however, was long and tedious. In some cases, it took minutes. In others, it required hours or even days.

The Investigation Process

As part of this process, an analyst opens the thread and starts with the basics. They search the sender’s domain on the web, inspect any links, and open attachments or browse to URLs in an isolated environment. These initial checks are meant to surface a quick signal.

If that's not enough, the investigation deepens. The analyst reviews the surrounding context, examines how the sender typically communicates, compares the request with prior interactions, and evaluates whether the timing and content align with expected behavior. They analyze email headers for inconsistencies and trace the message across previous communications. Within minutes, the investigation surfaces a clear anomaly: the “smoking gun” that reveals the true intent behind the email.
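As an added illustration (not Ocean's code and not part of the original post), here is a small Python sketch of two of the steps above: checking the headers for inconsistencies and comparing the message against what is known of the sender's prior interactions. The message, the sender baseline and the request markers are all constructed for the example.

```python
from email import message_from_string, policy
from email.utils import parseaddr, parsedate_to_datetime

# Constructed message: a vendor "payment update" request that cleared filters.
RAW_EMAIL = """\
From: Dana Reyes <dana.reyes@acme-supplies.example>
Reply-To: dana.reyes@acme-supplies-billing.example
Authentication-Results: mx.corp.example; dmarc=fail header.from=acme-supplies.example
Date: Sat, 14 Mar 2026 03:12:00 +0000
Subject: Updated bank details for invoice 4471

Hi, please use the new account below for all future payments.
"""

# Constructed baseline built from prior threads with this sender.
SENDER_BASELINE = {
    "dana.reyes@acme-supplies.example": {
        "reply_to_domains": {"acme-supplies.example"},
        "business_hours_utc": range(8, 18),
        "prior_topics": {"invoice", "delivery schedule"},
    },
}
REQUEST_MARKERS = ("bank details", "wire transfer", "payment")  # constructed

def _domain(addr: str) -> str:
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def investigate(raw: str, baseline: dict) -> list[str]:
    """Return anomalies: header mismatches plus deviations from the sender's history."""
    msg = message_from_string(raw, policy=policy.default)
    sender = parseaddr(msg["From"])[1].lower()
    from_dom, reply_dom = _domain(msg["From"]), _domain(msg.get("Reply-To", msg["From"]))
    findings = []
    # 1. Header inconsistencies an analyst would spot by eye.
    if reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    if "dmarc=fail" in msg.get("Authentication-Results", ""):
        findings.append("DMARC failed for the From domain")
    # 2. Deviations from how this sender has communicated before.
    profile = baseline.get(sender)
    if profile is None:
        return findings + ["no prior communication history with sender"]
    if reply_dom not in profile["reply_to_domains"]:
        findings.append("Reply-To domain never seen in prior threads with this sender")
    if (hour := parsedate_to_datetime(str(msg["Date"])).hour) not in profile["business_hours_utc"]:
        findings.append(f"sent at {hour:02d}:00 UTC, outside sender's usual hours")
    subject = str(msg["Subject"]).lower()
    new = [m for m in REQUEST_MARKERS if m in subject and m not in profile["prior_topics"]]
    if new:
        findings.append(f"first request of this kind from sender: {', '.join(new)}")
    return findings
```

None of these findings is conclusive on its own; the point is that together they reproduce the context an analyst assembles by hand, which no single pattern match captures.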

Given the opportunity to investigate, security teams can determine whether a message is malicious with a high degree of confidence. The signal is present, but it exists in dimensions that automated detection systems do not evaluate. This is where the current model reaches its limit.

Why Investigation Has Always Been the Answer

Email investigation approaches the problem from a different starting point. It begins with the assumption that understanding the interaction is required. That means analyzing the content of the message, reconstructing communication history, evaluating participant behavior, and validating whether the request aligns with what is expected in that environment.

This is already how analysts work. They build an understanding of the situation and assess whether it is coherent. That approach holds even when the attack is new, because it does not depend on prior examples and adapts to the structure of the interaction itself.

For a long time, the challenge was applying this level of analysis consistently. Manually investigating every email has never been feasible. Detection systems handled volume, while analysts focused on the subset of messages that required deeper analysis. This created a persistent gap between what could be automatically filtered and what could be fully understood.

Bringing Investigation to Every Email with AI

Agentic AI advancements have changed what is possible. Investigation has always been the most reliable way to understand an email. The limitation was never the method; it was the inability to apply it consistently across the entire environment. That constraint no longer holds, because AI can now operate on language, context, and behavior while also using tools: browsing URLs, searching the web, analyzing files, and parsing content. This allows it to support full investigations, not as isolated checks, but as continuous reasoning processes that evaluate interactions as they unfold.

Each email needs to be treated as an event that requires understanding, which is only possible with an AI-native system that can reason across content, context, and behavior. What previously required manual effort across multiple tools can now be executed continuously and in real time with AI. The result is a conclusion supported by context, rather than a classification based on patterns.

Email attacks today are defined by how effectively they replicate real communication. Attackers operate through context, intent, and timing, while most defenses continue to rely on patterns. That gap is where modern attacks succeed. 

Understanding the email itself has become the only reliable way to secure it. That’s the AI-native approach we’re building at Ocean, combining expertise from social engineering specialists, AI engineers, top-tier analysts who investigate thousands of enterprise email threats, and leading data scientists.

It brings the depth of a full investigation to every email, continuously and in real time.

If you’re still relying on detection as your primary layer, it’s time to see how this model performs in a live environment. Book a demo to experience it firsthand.