Radware warns of AI ‘internet of machines’ by 2026
Cybersecurity company Radware expects machine-to-machine traffic, AI-driven attacks and tighter regulation to reshape digital risk in 2026, as organisations adjust security strategies for what it describes as an emerging "internet of machines".
Executives and researchers at the company forecast that autonomous software agents, new compliance rules and AI-enabled threat tools will alter how enterprises manage vulnerabilities, defend applications and interpret network activity.
Pascal Geenens, Vice President of Threat Intelligence at Radware, said the balance of online activity is shifting away from human users and towards automated systems.
"In 2026, M2M traffic will surpass human-initiated requests by a significant margin and by 2030 almost all traffic will be machine initiated. APIs will become the front lines of the agentic economy, and the first AI supply-chain attacks will redefine what 'trust' means in a machine-mediated world," said Pascal Geenens, VP, Threat Intelligence, Radware.
He said the rapid deployment of personal and enterprise AI assistants inside browsers, operating systems and business workflows will change network traffic patterns. These agents will increasingly make decisions and issue requests without direct human prompts.
Radware expects application programming interfaces, or APIs, to sit at the centre of this shift. Agents will chain together multiple APIs for tasks such as data retrieval and financial transactions. The firm said this makes APIs a likely focus for attackers in the coming year.
The company anticipates that malicious bots will use large language models and automation to imitate legitimate agents. Older bot-detection tools often rely on behavioural patterns and signatures. Radware forecasts that synthetic traffic will appear more human-like in intent while remaining automated, which it believes will fuel business logic attacks rather than traditional exploit-led intrusions.
The vendor also draws parallels between emerging "agentic" ecosystems and earlier software supply chain risks. It points to AI service connectors, plug-ins and specialised protocol endpoints as a new layer of third-party exposure.
Radware expects repositories and marketplaces that host agent-related services and manifests to attract attackers. It warns that adversaries may seed these with modified configurations and malicious context sources which then propagate through enterprise deployments.
The firm said this could create AI-native supply chain incidents. In that model, compromised services influence automated decision-making, siphon sensitive data or skew outcomes without obvious signs of tampering in the underlying code.
Geenens said the growing number of specialist protocols for agent communication, data exchange and payment will also create governance problems. He expects protocol fragmentation to make interoperability and security oversight more difficult.
Radware's Chief Information Security Officer, Howard Taylor, highlighted the compliance dimension as regulators introduce new rules on resilience, network security and AI use.
"Regulations, including the Digital Operational Resilience Act (DORA), the Network and Security Directive (NIS2), and the EU AI First Regulation, require a myriad of controls and processes. To meet the challenge, businesses must expand their Cybersecurity and Compliance resources. On the positive side, these investments will open business opportunities in the security-savvy market," said Howard Taylor, CISO, Radware.
The company believes organisations that cannot absorb the cost and complexity of these measures may reassess digital operations or market focus. It said those that do invest may view compliance not only as a regulatory burden but also as a differentiator with customers that demand higher security standards.
DevSecOps in runtime
Radware executives also expect changes in how development and operations teams handle vulnerabilities. They point to a shorter interval between public disclosure of flaws and observed exploitation.
Travis Volk, Vice President, Global Technology Solutions and GTM, Carrier at Radware, said service providers in particular face mounting pressure.
"With the growing number of exploited vulnerabilities and faster weaponization, Service Providers will face a significant increase in the number of zero-day events they will need to remediate. As target focus moves towards operating systems, security/networking software and applications, Service Providers will face the need for in-line protection to maintain predictable engineering for their most expense resources (encrypted workloads)," said Travis Volk, VP Global Technology Solutions and GTM, Carrier, Radware.
The company predicts that DevSecOps will extend deeper into runtime environments. It expects teams to embed protective controls within pipelines and network layers and to rely more on continuous monitoring and automated response rather than manual incident handling after an attack.
DDoS and invisibility
Radware also sees distributed denial-of-service activity changing as attackers make more use of AI for orchestration. It expects attackers to favour application-layer disruption and subtle interference with service flows.
Eva Abergel, Senior Product Marketing Manager at Radware, said DDoS should be treated as a broader operational hazard.
"In 2026, DDoS attacks will shift from being a known nuisance to a strategic blind spot. As AI becomes embedded in both attack orchestration and defense, we will see the rise of autonomous botnets capable of learning and adapting in real time. These tools will not just mimic user behavior but will predict and preempt mitigation tactics. The attacks will go beyond infrastructure, targeting business logic, third-party integrations, and application-level flows. Layer 7 DDoS will become the preferred method for attackers aiming to disrupt digital services while evading traditional detection. The real threat will not only be about volume anymore. It will also be about invisibility. Security teams will need to rethink DDoS as a business risk, not just a network problem," said Abergel.
AI arms race
Radware's Principal Security Evangelist, Chip Witt, said the use of AI in security is moving beyond experimentation on both sides of the threat divide.
"As we enter 2026, the intersection of AI, automation, and evolving threat models is reshaping the security landscape. These predictions are grounded in observable trends and emerging technologies, and reflect where I see the most meaningful shifts occurring. AI as Both Attacker and Defender Prediction: AI will be both the weapon and the shield in 2026. Threat actors are operationalizing generative and autonomous AI to launch adaptive attacks such as prompt injection, synthetic identity abuse, and automated reconnaissance. In response, defenders must deploy AI not just for detection, but for autonomous triage, decision-making, and mitigation. The arms race between adversarial and defensive AI will define the next era of application security. Why This Matters: Early signs of this shift are already visible. The velocity and variability of AI-driven threats demand a real-time, AI-native defense posture. This is not speculative; it is the next frontier. Agentic and Autonomous Security Becomes the Norm Prediction: Security will evolve into a dynamic, agentic system. Autonomous AI agents will continuously monitor, review, and remediate vulnerabilities across code, APIs, and runtime environments. This self-healing security architecture will scale with developer velocity and API sprawl, reducing human bottlenecks and enabling proactive defense. Why This Matters: As organizations push for faster releases and more distributed architectures, traditional security models cannot keep up. Agentic security is not just a nice-to-have; it is a necessity for resilience at scale. Zero Trust Expands to Machines, APIs, and AI Prediction: Zero Trust principles will extend beyond human users to encompass machine identities, APIs, and autonomous agents. Organisations will implement identity-aware API gateways, continuous authentication for non-human actors, and telemetry-driven access controls. The new perimeter is no longer a user; it is an API call, a service account, or an AI agent. Why This Matters: Machine-to-machine communication already dominates enterprise traffic. Ignoring this shift leaves a massive blind spot. Adapting Zero Trust to this reality is critical for securing modern environments," said Chip Witt, Principal Security Evangelist, Radware.
AI-led social engineering
Researchers at Radware also point to social engineering as an area of rapid evolution. They expect criminal groups to integrate synthetic voice tools into subscription services that automate scam calls and credential theft.
Arik Atar, Senior Researcher, Cyber Threat Intelligence at Radware, outlined an expansion of what he describes as an underground "social engineer-as-a-service" market. He links this growth to broader uptake of two-factor authentication and the response from attackers that aim to bypass it rather than avoid it.
"Prediction: The new AI-based social engineer-as-a-service economy will emerge. In 2025, we observed a significant rise in OTP-BOTs, subscription-based underground platforms designed to trick victims into inadvertently sharing their two-factor authentication codes -so users (Account crackers) can complete account takeovers.
We identify two indicators that these types of tools are going to be equipped with AI voice capabilities in 2026: These services are now fully automated, allowing threat actors to operate using an API and automate the process of social engineering 2FA-protected account owners when performing credential stuffing. If an "We sent a security code to your number" error returns, the OTP bot is scripted to automatically initiate a call to the victim's phone, using a legitimate service's caller ID, play an automatic voice message pretending to notify the victim about a fraud in its account, and lure the victim to share the 2FA code. Since most legit services currently use pre-recorded voice messages when contacting users, threat actors do as well; however, as AI technology advances, more companies are moving to AI-voice bots. Therefore, we expect Threat actors to follow up with social engineering bots that mimic real human voices, perhaps even those of a victim's relatives, to increase the credibility of the malicious call. The threat actors behind these services are already using AI for marketing and media generation. It's very likely that they will incorporate it into their product soon: Almost all OTP-bot ads we've examined in 2025 were made using AI (82% in text ads, 100% of media)
As the adoption rate of two-factor authentication is at an all-time high due to cybersec awareness, threat actors are nurturing an underground bot economy that allows them to take over 2FA-protected accounts as well. Improving their credibility with personalized voice spoofing is the next step of its evolution," said Arik Atar, Senior Researcher, Cyber Threat Intelligence, Radware.
Radware expects these developments to define what it describes as an agent-driven decade, as automated systems become the primary users of digital infrastructure and security teams adapt controls and monitoring to machine intent rather than human behaviour.