Ainur
Cyber Security · Aotearoa NZ Doc 001 / Plate A · Rev 2026.04

AI Agents for
Cyber Security
Engineering.

Ainur builds and deploys agentic AI inside enterprise security functions. Three agents, designed to work together: vulnerability management with automated patching, secure code development, and continuous assurance through code.

See the agents Get in touch
Ainur · A · 001
The thesis
§00 / Manifesto

Cyber security has spent thirty years producing documents about systems that no longer exist by the time anyone reads them.

Threats now move at machine speed. Regulators are shifting from periodic audit to continuous attestation. And frontier AI has crossed the threshold where agents can reason about code, configuration and behaviour at a depth and speed no human team can match.

The next decade of cyber security is engineering work, not documentation work — and the engineers will be agents, supervised by humans, deployed where the consequences of failure matter most.

§01 The agents

Three agents. One discipline.

Agent 01 Active defence
Vulnerability management

Automated discovery and patching across your estate.

An agent that continuously discovers, prioritises and remediates vulnerabilities across infrastructure and applications — raising patches as code, with full audit trail and human approval gates where it matters.

  • Continuous CVE and configuration drift detection
  • Risk-prioritised patch generation as code
  • Automated remediation pull requests with provenance
  • Human-in-the-loop approval for sensitive changes
  • Integration with existing SIEM, ticketing and CI/CD
Agent 02 Build-time security
Secure code development

Security as a first-class citizen of the SDLC.

An agent that participates in development as a security peer — reviewing code on every commit, generating secure-by-default scaffolds, and remediating vulnerabilities at the source rather than discovering them post-deploy.

  • Pre-commit and pre-merge agentic code review
  • Secure-by-default code generation and refactoring
  • Threat modelling integrated with design artefacts
  • Coverage across mainstream languages and integration platforms
  • Standards aligned to OWASP, CWE and sector-specific regimes
Agent 03 Run-time evidence
Continuous assurance through code

Compliance as code, evidence on every change.

An agent that replaces point-in-time audit with pipelines generating machine-readable evidence on every change — producing attestation that auditors and regulators can verify rather than take on trust.

  • Control mapping to NZISM, ISO 27001, NIS2, NERC CIP, AESCSF
  • Evidence pipelines wired into IaC and runtime telemetry
  • Continuous attestation rather than periodic declaration
  • Audit-ready evidence repository with full lineage
  • Regulator-ready outputs in machine-readable formats
§02 Why now

Three forces, converging in 2026.

01 / Capability

Frontier AI crossed a threshold

Agents now reason about code, configuration and behaviour at a depth and speed no human team can match. Adversaries are using exactly the same capability. The question is who deploys it on the defender's side first.

02 / Regulation

Regulators are shifting

From periodic audit to continuous attestation. Different regimes worldwide are converging on the same direction: evidence that controls operate continuously, not declarations that they existed at a point in time.

03 / Speed

Threats now move at machine speed

Adversary breakout times are measured in seconds. No quarterly review, annual audit or human-only response cycle produces evidence at that timescale. Agentic engineering is the only pace that matches the threat.

§03 How we work

Engineering, not advisory.

01 Scoped before they begin

Engagements have a defined deliverable and timeframe. We don't do open-ended advisory or retainer-style work where the scope drifts into documents.

02 The person you meet does the work

No pyramids, no offshoring of the actual thinking. Senior practitioners run engagements end to end.

03 Artefacts, not reports

Outputs are agents that run, code that ships, pipelines that produce evidence. Documents only where they add value.

04 Designed to live in your environment

Agents and artefacts are built to operate inside your stack, on your terms. No vendor lock-in to a consultancy platform.

§04 Contact

Engineering, on the defender's side.

If you're a CIO, CISO or engineering leader thinking about how to deploy agentic AI inside your security function — or how to engineer compliance and assurance as code rather than as documents — we'd like to hear from you.

info@ainur.co.nz
Email info@ainur.co.nz
Based in Wellington · Aotearoa NZ
Coverage ANZ · UK · EU