Data Security Decoded

How Rubrik Zero Labs Uses LLMs to Analyze Malware at Machine Speed



AI is changing how malware is built—and how it’s caught. In this episode, Caleb Tolin is joined by Amit Malik, Staff Security Researcher at Rubrik Zero Labs, to unpack how large language models are transforming malware analysis, enabling defenders to sift through thousands of samples and surface truly novel threats. From Chameleon malware abusing WSL to AI-generated attack code, this conversation explores what real data resilience looks like in an AI-driven threat landscape.


What You’ll Learn

  • How LLMs help analysts move from syntax-level review to intent-based malware analysis

  • Why processing thousands of samples daily requires AI-assisted triage and clustering

  • How attackers are abusing WSL and cloud-native environments to evade detection

  • What AI-generated, dynamically delivered malware code means for traditional defenses

  • Where LLMs excel—and where human validation remains essential

  • Why resilience matters more than speed in AI-driven security operations


Episode Highlights

  • [00:00] AI-generated malware and shrinking attacker footprints

  • [03:30] Why Rubrik Zero Labs built an LLM-driven malware analysis system

  • [05:45] Scaling from 6,000 samples to 20 worth investigating

  • [07:40] Extracting malware “business logic” before sending code to LLMs

  • [10:05] Chameleon malware abusing Windows Subsystem for Linux

  • [13:00] APT-linked Linux RATs and what sophistication signals intent

  • [15:00] LLM hallucinations and the need for human verification


Episode Resources

  • Rubrik Zero Labs Research Reports

Data Security Decoded, by Rubrik