TekStream recently launched Proactive Cyber Defense, a new managed security offering designed to help organizations identify and mitigate cyber risks before attacks occur, arguing that traditional reactive security models struggle to keep pace with AI-driven threats.
The offering is designed to work alongside existing security investments, including MDR, XDR, SIEM, and cloud security platforms, without requiring organizations to replace existing tools.
- TekStream positions proactive defense as necessary in modern threat landscape
- From vulnerability management to exploitable risk reduction
- Cosmos platform uses deception technology and attack-path analysis
- Early deployments reveal signs of AI-assisted attacker activity
- TekStream sees proactive cyber defense becoming essential for enterprises
TekStream positions proactive defense as necessary in modern threat landscape
According to TekStream CEO Rob Jansen, the launch reflects a growing disconnect between security spending and measurable security outcomes.
“When you look at our customers in the mid-market, enterprise, and public-sector spaces, breaches are increasing, the costs are increasing, and boards are asking whether all of these investments are actually making organizations safer,” Jansen told Channel Insider.
“Companies are spending more money on tools, but they’re not getting a better quantifiable outcome,” he continued.
Telemetry data and AI-driven attacks increase noise
Jansen said many organizations now operate dozens of security products and generate massive volumes of telemetry, yet security leaders often struggle to answer fundamental questions from executives about whether risk is actually decreasing over time.
At the same time, he said, AI-enabled attacks are accelerating the challenge. Increases in ransomware, phishing, and other attack types have been well documented this year, largely tied to the expansion of AI into threat actors’ toolkits.
“Companies are talking about these capabilities as if they’re coming in the future,” Jansen said. “The reality is they’re already here.”
TekStream has pointed to emerging autonomous offensive security systems such as Anthropic’s Mythos as examples of how AI can dramatically increase the speed and scale of attacks.
While some of those tools remain largely research-oriented, company executives argue that attackers are already using similar capabilities in the wild.
From vulnerability management to exploitable risk reduction
Taylor Morgan, TekStream’s chief solutions officer and a former Palantir Technologies security leader, said organizations can no longer rely on periodic security assessments or vulnerability scans to stay ahead of threats.
“The environment is changing constantly,” Morgan said. “Once you have that printout of vulnerabilities, it’s already old. If you’re moving at human speed and patching periodically, you’re leaving yourself wide open to machine-speed attacks.”
Instead of focusing solely on vulnerability severity scores, Morgan said organizations need to prioritize what he calls “exploitable risk,” the actual attack paths adversaries could use to reach critical assets.
“It’s not just about finding vulnerabilities,” he said. “It’s about understanding how an attacker would chain them together and what the shortest path is to the crown jewels.”
Cosmos platform uses deception technology and attack-path analysis
At the center of the new offering is Cosmos, which TekStream describes as a continuously learning cyber defense platform. It is TekStream’s owned-and-operated technology, developed in-house, to facilitate its security services.
The system creates a digital representation of customer environments and uses deception techniques to observe attacker behavior, capture tactics and procedures, and generate new detection logic that can be deployed into security operations workflows.
Morgan said the platform continuously improves as it gathers intelligence across customer environments.
“The intelligence that compounds is adversary knowledge, not customer data,” he said. “Every adversary technique identified helps strengthen the broader defense model.”
Early deployments reveal signs of AI-assisted attacker activity
TekStream executives said one of the most notable findings from early deployments has been evidence of AI-assisted attacks operating inside customer environments.
According to Morgan, organizations often report they have not observed AI-driven attack activity, but TekStream has identified indicators of such behavior across multiple customer deployments in sectors such as education, healthcare, and manufacturing.
“We’re seeing AI-driven adversary activity in every environment where we’re running these capabilities,” Morgan said. “There’s a gap between what organizations think they’re seeing and what they’re actually able to detect.”
The company said its platform can identify characteristics associated with AI-powered attacks, including machine-speed reconnaissance and activity linked to specific large language model frameworks, such as OpenAI’s ChatGPT and Anthropic’s Claude.
TekStream sees proactive cyber defense becoming essential for enterprises
The company believes proactive security capabilities will become increasingly important as AI continues to lower barriers for attackers and accelerate the pace of threat evolution.
“The work that matters most happens before the SOC ticket gets opened,” Morgan said. “You have to understand adversary behavior, reduce exposure, and continuously strengthen defenses before incidents occur.”
Jansen said boards and executive teams are increasingly demanding measurable ways to understand cyber risk and determine whether security investments are improving an organization’s security posture over time.
Proactive Cyber Defense is available immediately for enterprise and mid-market organizations, with TekStream targeting regulated industries and complex operating environments.