The XTN Intelligence Team is actively studying the future of fraud prevention from both technological and threat intelligence perspectives. In a landscape where cybercrime is evolving at an industrial scale and artificial intelligence is rapidly reshaping attack methodologies, understanding what comes next has become as important as defending against what already exists.
Today, we explore why continuous intelligence has become a core requirement for maintaining an effective security posture in the era of Agentic AI.
In an ecosystem where an attack technique can become obsolete within just a few months, defense cannot afford to be static. To maintain an adequate security posture, companies must adopt a continuous-updating approach built on four main pillars. Let’s take a closer look at each of them.
Continuous Intelligence and Global AI Security Frameworks
In an ecosystem where attack techniques can become obsolete in a matter of months, defensive strategies must evolve at the same pace.
A critical pillar of continuous intelligence is the monitoring of international security frameworks and standards. Initiatives such as Open Worldwide Application Security Project (OWASP) guidance for LLM and Agentic Applications and the NIST AI Risk Management Framework define the baseline for secure-by-design AI systems.
OWASP was founded in 2001 by Mark Curphey, a cybersecurity practitioner focused on application security. He launched the initiative to create an open, community-driven space where professionals could share practical guidance on protecting web applications, rather than relying on vendor-specific frameworks. Today, OWASP provides hands-on security guidance based on real-world attack patterns and mitigations for large language models and autonomous agents, helping developers address risks such as prompt injection, data leakage, and unsafe tool use.
The National Institute of Standards and Technology (NIST) developed the AI Risk Management Framework through its U.S. federal mandate to improve the safety, trustworthiness, and reliability of emerging technologies. Created with input from industry, academia, and public stakeholders, the framework provides a voluntary, consensus-based approach to identifying, assessing, and managing AI risks across the system lifecycle.
NIST complements OWASP by introducing a structured, risk-based methodology that helps organizations align governance, security, and resilience practices in a consistent and measurable way.
Monitoring updates to these frameworks is essential, as they continuously evolve to reflect emerging risks and regulatory expectations, enabling organizations to keep their security posture aligned with current best practices.
Threat Intelligence: A Pillar of Continuous Intelligence
Another essential component of continuous intelligence is the systematic analysis of threat intelligence sources.
Reports from institutions such as the FBI Internet Crime Complaint Center (IC3) Annual Report, produced by the Federal Bureau of Investigation as a cybercrime intelligence and prevention tool that aggregates reported incidents to identify emerging threat patterns, alongside technical publications from AI security vendors and specialized red teaming organizations, provide early signals of how attackers are adapting to AI-driven environments.
These insights are crucial to identify emerging attack patterns, from prompt injection techniques to the misuse of autonomous agents in fraud workflows, before they become widespread in real-world operations.
Vulnerability Tracking Across the AI Ecosystem
The AI stack is expanding rapidly, and with it, the attack surface.
Modern AI applications rely on orchestration frameworks, agent-based architectures, and communication protocols that introduce new categories of vulnerabilities. This makes it important to continuously monitor public vulnerability databases, known as CVEs (Common Vulnerabilities and Exposures). These databases track newly discovered security flaws across software components and help organizations understand whether the technologies they rely on may be exposed to known risks.
At the same time, participation in security research initiatives such as bug bounty programs plays a key role. These programs incentivize ethical hackers to identify and responsibly report weaknesses before they can be exploited at scale, strengthening overall resilience across the ecosystem.
AI for AI Defense: The Next Security Paradigm
Perhaps the most significant shift in modern cybersecurity is the convergence of offensive and defensive AI capabilities. If attackers are using artificial intelligence to scale fraud, automate social engineering, and adapt their tactics in real time, defenders must respond with equally adaptive systems.
AI-powered defense mechanisms can analyze behavior patterns, detect manipulation attempts, and identify anomalies that traditional rule-based systems would fail to recognize. This creates a shift where AI becomes both the target and the primary layer of defense.
From Static Security to Continuous Intelligence
At XTN, we see Agentic AI not only as a technological evolution, but as a transformation of the entire fraud landscape. The role of our Intelligence Team is to monitor these developments and connect signals across technology, cybersecurity, and regulation, turning fragmented information into foresight.
Because in a world where both fraud and defense are becoming autonomous, the advantage won’t belong to whoever reacts fastest, but to whoever sees the shift coming first.
Stay tuned: each month, we will publish high-value insights and research on Agentic AI and its impact on the future of fraud prevention, helping decode how this technology is reshaping both attack strategies and defensive approaches in real time. In the meantime, read the previous contents on Agentic AI:
Offensive AI: When Artificial Intelligence becomes a weapon
Full interview with our CTO about Banking Security in the Agentic Era.
