We are early. The tooling for defensive AI is nascent. The patterns are still emerging. The vocabulary is fuzzy. I'll be the first to admit it. The direction is still clear.
The teams that treat AI as a full-spectrum capability — offense AND defense — will outpace the teams that either reject AI entirely or deploy it recklessly without safeguards. The middle path is not a compromise. It is the only path that actually scales. Reject AI and the velocity gap eats you. Deploy AI offense-only and the quality gap eats you. The teams running both sides at once will look like the obvious answer in retrospect.
The concrete moves are not exotic. Put two-thirds of your AI firepower on debt reduction, security, and testing. Give agents permission to write, run, and iterate on tests instead of just generating them. Automate the exception-to-fix pipeline so production signal flows into PRs without a human in the loop. Build the defensive infrastructure now, while the patterns are loose enough that you can shape them.
The alternative is humans moving slowly as the only answer to quality. That does not scale. Deep down, everyone knows it does not scale. The companies still pretending otherwise are buying eighteen months of comfort against five years of competitive pressure.
I've argued elsewhere that agentic defense is the missing half of the equation, that the offense-only problem is what makes the critics sound right, and that letting agents fight each other is a feature rather than a bug. The build order is sitting there. The teams who pick it up first will not be louder than everyone else — they will just be further along.
If you are building this, Tembo is free for light use. I'd love to see what defensive agents you stand up.
— Ry
Sources
Related Essays
Agentic Defense: The Missing Half of the Equation
For every unit of AI firepower aimed at building, deploy equal or greater firepower at securing, debugging, and testing. Here is what that looks like.
The Offense-Only Problem with AI Coding
Most developers deploy AI almost exclusively to ship features faster. The asymmetry is the problem — not the AI itself.
Let the Agents Fight Each Other
If a coding agent introduces a bug and a testing agent catches it and a debugging agent fixes it, that is a win. The developer's time was preserved.
Key takeaways
- Treat AI as a full-spectrum capability — offense and defense — or get outpaced.
- Two-thirds of firepower belongs on defensive work; one-third on offensive shipping.
- Defensive infrastructure built now compounds; built later, it is catch-up.
FAQ
What ratio of offense to defense should teams target?
Roughly one-to-two. Two-thirds of AI capacity on debt reduction, security scans, test generation, and exception-to-fix. One-third on shipping new features. Most teams are running the inverse and feeling the consequences.
How early should a team build defensive agent infrastructure?
Now. The tooling is nascent, the patterns are still emerging, and that is exactly why the teams that build it first will look obvious in eighteen months. Waiting for maturity means inheriting other people's defaults.