In 1962, the U.S. Congress passed the Tariff Classification Act, which amended the Tariff Act of 1930 to implement new tariff schedules. In particular, the act included Tariff Item 807.00, which eliminated tariffs on products that were assembled abroad from U.S. parts. This seemingly minor policy change had far-reaching effects: semiconductor companies, starting with Fairchild Semiconductor, began moving assembly operations to Asia to take advantage of substantially lower wages. This policy shift, combined with basic economic incentives, fundamentally reshaped the global technology landscape in ways that are still playing out today.
Why start an article about AI and cybersecurity with a discussion of 1960s tariff policy? Timely, yes I know. Sometimes small technical or economic shifts create fundamental changes in power structures that reverberate for decades. We are witnessing such a shift today, but this time the impact isn't coming from government policy – it's coming from the collapse of what we might call the "cost of digital violence."
The Cost of Violence Theory
In his 1997 book "The Sovereign Individual," James Dale Davidson and Lord William Rees-Mogg advance a provocative theory: the most important variable in human political history is the relative cost of offense versus defense – what they call the "cost of violence." When defense is cheaper and more effective than offense, power fragments. When offense becomes cheaper, power consolidates.
Consider medieval Europe, where castle walls provided effective defense at a reasonable cost. A local lord could build a stronghold that would require a much larger attacking force to overcome. This asymmetry – cheap defense, expensive offense – created a landscape of distributed power with numerous small fiefdoms and city-states.
The invention of the cannon fundamentally altered this equation. Suddenly, castle walls were vulnerable to a technology that could efficiently breach them. As Davidson and Rees-Mogg write, those who could afford cannons – initially just two countries – gained dramatic advantages, leading to the rise of empires and the fall of feudalism. The relative cost of offense had dropped, changing the power structure of Europe.
This framework provides a powerful lens for understanding our current digital moment. As Outtake.ai founder Alex Dhillon puts it: "What just happened is the cost of offense on cyber just went to zero. LLMs make it zero dollars to be an asshole online now."
The rise of generative AI has dramatically reduced the cost of conducting digital attacks. Creating convincing phishing emails, fabricating fake websites, generating deepfake videos, producing synthetic voices, and launching social engineering campaigns – tasks that previously required significant skill and resources – can now be automated at massive scale with minimal investment.
Outtake.ai: Building the New Castle Wall
In late 2022, a fake tweet claiming Tesla was accepting Dogecoin as payment went viral. The Tesla stock briefly spiked before the hoax was exposed. Around the same time, deepfakes of prominent figures promoting crypto scams proliferated across YouTube. These weren't isolated incidents – they represented the new reality where AI makes creating convincing digital forgeries nearly effortless.
This is the world Alex Dhillon observed after leading AI products at Palantir, where he'd worked closely with security-conscious organizations. When Dhillon founded Outtake.ai in October 2023, his team of Palantir veterans weren't just launching another cybersecurity startup – they were responding to the fundamental shift in the digital attack landscape.
Outtake's mission is straightforward but ambitious: protect, understand, and license the online identity of the people and brands who influence our society. The company describes itself as a "content intelligence" platform, using AI to monitor rich media (video, images, audio) across the web to defend against impersonation, deepfakes, and brand abuse.
The company's rapid growth is especially striking by security startup standards. This trajectory has attracted significant investor attention, with the company securing $20 million in funding – a $16.5 million Series A led by CRV after a $3.5 million seed round from Slow Ventures, Night Ventures, Mantis VC (founded by The Chainsmokers), former OpenAI chief research officer Bob McGrew, and others.
What makes Outtake's approach different from traditional brand protection or anti-phishing services is its fully autonomous, AI-driven methodology. Rather than simply alerting clients to potential threats, Outtake deploys what they call "agentic AI" – essentially autonomous agents that can search, classify, and neutralize threats in real time.
The Technical Challenge of Defending Identity
Let's break down what happens when a brand like Bank of America faces an impersonation attack today. Scammers might create fake customer support accounts on social media platforms, impersonating the bank to trick customers into sharing sensitive information.
Before AI, this was labor-intensive: criminals had to manually create convincing fake profiles, actively respond to customers, and maintain their operations. The friction inherent in this process naturally limited the scale of such attacks.
With generative AI, however, creating hundreds or thousands of convincing profiles, complete with believable responses, costs almost nothing. Dhillon explains:
"But you can imagine you throw LLMs on top of this, and you're like, wait a minute, I can get a hundred fake customer support things going. And it's like $3 and no work for me. And so the volume on this attack approach just exploded over the last year and a half."
Outtake's approach to this challenge has three components: search, classification, and removal.
The search phase is more complex than it might initially seem. Traditionally, companies would employ people to search for brand mentions using various keywords. But effective searching requires understanding context and continuous adaptation. For example, if Bank of America starts promoting mortgages in Texas, scammers will quickly adapt their tactics to mirror this specific marketing angle. The search terms need to evolve along with the brand's activities and the tactics of attackers.
The classification phase involves determining what's genuine versus harmful. When examining a social media account or website, humans intuitively assess multiple factors: Is the language professional? Does the branding look authentic? Is there suspicious activity? Training AI models to make these determinations with high accuracy is complex.
Finally, the removal phase requires automating the legal process of taking down infringing content. The Outtake team has developed software that can inspect code on malicious websites and then quickly draft legal documents to request takedowns – a process that previously required hiring expensive lawyers.
The technical infrastructure supporting all this must operate at massive scale. Outtake processes over 100 terabytes of content daily, monitoring everything from social media platforms to domain registrations, app stores, and advertising networks.
The Strategic Implications of Zero-Cost Attacks
The rise of zero-cost digital attacks has profound implications for how organizations must think about security. Traditional cybersecurity approaches that rely on human oversight and manual intervention simply can't keep pace with the volume and sophistication of AI-generated threats.
Similarly, traditional security vendors are attempting to extend human-centered security practices to the AI era. Outtake represents a fundamentally different approach – one where AI systems autonomously defend against other AI systems with minimal human intervention.
This approach is necessary because the economics have changed so dramatically. In a world where attacks can be generated at near-zero cost, defense must similarly scale without linear increases in cost. Only AI systems can provide this level of scalable defense.
The AI-Defense Equilibrium framework helps us understand not just Outtake's business prospects, but the larger implications for digital security in this new era:
New Defense Paradigms: Just as the cannon forced a rethinking of physical defenses beyond castle walls, AI-driven attacks are forcing a rethinking of digital defenses beyond human-supervised systems.
Integration vs. Specialization: While established security vendors like CrowdStrike and Palo Alto Networks are adding AI capabilities to their comprehensive security suites, Outtake is taking a specialized approach, focusing specifically on identity protection and deepfake detection.
Speed of Response: When attacks can be generated instantaneously, defense cycles must match this speed. Outtake's claim of neutralizing hundreds of threats within hours illustrates the new tempo of security operations.
Moat Building: Companies that accumulate data advantages in identifying and responding to AI-generated threats will build significant competitive moats, as each incident strengthens their detection and response capabilities.
The Comparative Landscape
Outtake isn't alone in recognizing the need for AI-driven defense. The cybersecurity landscape is evolving rapidly to address the threat of AI-generated attacks.
What gives Outtake a potential edge is its deep focus on agentic AI. If their agents truly are more autonomous and effective than competitors', Outtake could maintain a technological lead even as the market grows more crowded.
The Future of Digital Trust and Expansion Plans
The collapse in the cost of digital attacks will have far-reaching consequences. When impersonation, phishing, and other forms of digital deception become trivially cheap to execute at scale, the very foundation of digital trust is threatened.
This leads to several potential futures:
AI Arms Race: Offense and defense continuously escalate, with each side developing more sophisticated tools to outwit the other. This is the most likely near-term scenario, with companies like Outtake leading the defensive response.
Platform Responsibility: Major platforms like Meta, Google, and Microsoft could integrate sophisticated AI detection directly into their services, potentially obviating the need for third-party solutions like Outtake.
Regulatory Intervention: Governments could mandate digital authenticity requirements, such as digital watermarking of AI-generated content or identity verification for certain types of online interactions.
Trust Breakdown: If defensive measures fail to keep pace with offensive capabilities, we could see a fundamental erosion of trust in digital communications, leading to significant behavioral changes in how people and organizations interact online.
Outtake is betting on the first scenario – that advanced AI defense can effectively counter AI-driven attacks, maintaining a baseline level of digital trust. Their early success suggests there's merit to this approach, but the challenge will be staying ahead as offensive capabilities continue to evolve.
Conclusion: The Automated Defense Imperative
The rise of zero-cost digital attacks represents one of the most significant shifts in the security landscape since the emergence of the internet itself. Generative AI has fundamentally altered the economics of offensive actions online, creating an urgent need for equally scalable defensive measures.
Outtake.ai exemplifies the new paradigm of automated defense – using AI not just to detect threats but to autonomously disrupt them in real-time. Their approach recognizes that the volume and sophistication of AI-generated threats have outpaced traditional human-centered security models.
As we navigate this new frontier of AI-on-AI competition, one thing is clear: the cost of digital violence has fundamentally changed, and our defensive strategies must change with it. In such an environment, automated defense isn't just a competitive advantage – it's an imperative.