File-based malware has long been among the most effective attack vectors employed by threat actors worldwide. It’s easy to see why, with the likes of Office docs, PDFs and various other formats created and shared in their billions every day. Files routinely cross standard and sensitive trust boundaries and are so fundamental to the way most organizations operate that, for many users, the potential security risks can be easily overlooked.
Specific tactics are highly nuanced, but files are typically manipulated to include malicious active content or executables that can evade detection-based security systems and, when triggered, can deliver extremely damaging payloads.
Adding to the challenge is AI, which is being used to accelerate the volume and variation of malware. While AI-powered detection technologies are coming to market to help address these growing risks, their outputs should be complemented by deterministic controls and human oversight, particularly in high-consequence environments.
Detection without oversight
From a security perspective, this is somewhat familiar territory. Pre-AI, most organizations would attempt to mitigate file-based risks using detection-based solutions, particularly signature-based anti-virus and behaviour-based sandboxing tools. These approaches have long played an important role in identifying known malware and previously observed malicious behaviours, and continue to do so. The downside, however, is that they are also limited by a fundamental reliance on predefined detection logic and observable execution paths.
The core challenge is that detection outputs, whether from traditional or AI-driven systems, express risk as confidence levels rather than certainty. A low score does not guarantee a file is safe, and a high score does not necessarily justify blocking access without consequence. This creates operational tension, with security teams often erring on the side of caution at the cost of disrupting legitimate workflows.
For novel, highly evasive or context-dependent threats that do not exhibit recognisable behaviour, these systems suffer from some obvious limitations, particularly when sufficient execution evidence cannot be obtained. Add AI to the mix, and files become even harder to confidently classify at the point of inspection. It’s not that AI is being used to create new file-based attack methods per se; the problem is more centred on the speed and scale of variation, with AI-enabled probabilistic detection constrained by the model’s learned patterns, underlying representations and optimisation parameters.
That’s not to say these systems don’t have an important role to play. AI-driven detection is already delivering significant improvements in threat visibility and intelligence, particularly the early identification of novel attack trends. But in high-consequence military or critical infrastructure environments, for example, probabilistic assessments should not be the only criterion for evaluating execution-capable content.
Deterministic detection and human oversight
With all that in mind, how can organizations strengthen their security posture beyond detection alone? The answer lies in integrating deterministic control alongside AI-driven detection, with human oversight, as part of a Zero Trust security strategy.
From the AI perspective, this approach uses machine learning models to proactively inspect files and identify patterns that traditional rules and signatures may miss. Deterministic control, in turn, is designed to remove uncertainty by enforcing predefined rules on what files are allowed to contain and what they are allowed to do, ensuring that only known-safe structures and capabilities are permitted.
When combined with human oversight, security teams can extend detection to situations where technical signals are ambiguous or when processes must be validated. In these circumstances, accountability for security decisions ultimately remains with human experts, further increasing confidence and levels of protection.
A case in point is the outage at Cloudflare last November, in which automation failures related to ML-dependent systems propagated faulty configurations at massive scale, triggering widespread disruption among its customers. As it turned out, the problem was not that the AI went rogue, but that policy decisions made by automated systems can carry significant consequences when they are trusted without sufficient oversight.
In the context of file security, integrating AI should also be supported by human oversight, particularly in Zero Trust environments, where every file must be treated as untrustworthy. With these technologies and processes at their disposal, security teams are much better positioned to address the risks posed by highly evasive, rapidly evolving file-based threats.
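The layering described in this section, sketched as an added example that is not from the article or from any product: a deterministic allowlist over the parts of a .docx container runs first and blocks on any violation, and the detector's score only decides whether a structurally clean file is sent to an analyst. The allowlist, size cap, review threshold and all function names are assumptions chosen for illustration.

```python
import io
import zipfile

# Assumed policy for this example: where parts may live and which types they may be.
ALLOWED_PREFIXES = ("[Content_Types].xml", "_rels/", "docProps/", "word/")
ALLOWED_EXT = {".xml", ".rels", ".png", ".jpg", ".jpeg"}
MAX_PART_BYTES = 20 * 1024 * 1024  # assumed cap on a part's declared size

def structural_violations(data: bytes) -> list[str]:
    """Deterministic check: report every part that falls outside the allowlist."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["not a valid ZIP/OOXML container"]
    problems = []
    with zf:
        for info in zf.infolist():
            name = info.filename
            ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
            if not name.startswith(ALLOWED_PREFIXES) or ext not in ALLOWED_EXT:
                problems.append(f"part not on allowlist: {name}")  # e.g. vbaProject.bin
            elif info.file_size > MAX_PART_BYTES:
                problems.append(f"part too large: {name}")
            elif name.endswith(".rels") and b'TargetMode="External"' in zf.read(name):
                problems.append(f"external relationship in: {name}")
    return problems

def decide(data: bytes, score: float, review_at: float = 0.3) -> tuple[str, list[str]]:
    """Policy is enforced first; the detector score only routes files to a person."""
    problems = structural_violations(data)
    if problems:
        return "block", problems  # certain: the file breaks a predefined rule
    if score >= review_at:
        return "human_review", [f"detector score {score:.2f}"]  # uncertain: analyst decides
    return "allow", []

def build_docx(extra_parts: dict[str, bytes]) -> bytes:
    """Constructed sample input: a skeletal .docx-style ZIP, not a real document."""
    parts = {"[Content_Types].xml": b"<Types/>", "_rels/.rels": b"<Relationships/>",
             "word/document.xml": b"<w:document/>"}
    parts.update(extra_parts)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()

if __name__ == "__main__":
    print(decide(build_docx({"word/vbaProject.bin": b"\x00"}), 0.01))  # low score, still blocked
```

A file carrying a macro part is blocked even when the detector scores it near zero, which is the case the probabilistic layer alone would let through.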

