Environments and Benchmarks for Cybersecurity Agents - Andy Zhang, Stanford University

Environments and Benchmarks for Cybersecurity Agents - Andy Zhang, Stanford University AI agents are poised to significantly reshape cybersecurity, for both attackers and defenders. To responsibly harness this potential, we need rigorous benchmarks and environments that capture the complexity of real-world systems, provide meaningful measurements, and track the progress of agents over time. In this talk, we will outline desiderata for cybersecurity agent benchmarks and environments. We will begin with Cybench, which evaluates offensive capabilities using 40 professional-level Capture the Flag (CTF) tasks, introducing innovations such as verifiable tasks, first-solve time as a metric linked to real-world expertise, and log-linear difficulty scaling. Then, we introduce BountyBench, the first framework to evaluate both offensive and defensive AI cyber-capabilities directly on evolving real-world systems. BountyBench instantiates 25 complex, production-like environments—complete with servers, databases, and large codebases—and ties evaluation to the vulnerability lifecycle across three task types: Detect, Exploit, and Patch. By grounding tasks in 40 real bug bounties with monetary values ($10–$30,485), BountyBench quantifies AI agent impact in real dollar terms, and highlights asymmetries between attack and defense. We situate this work within broader analyses of frontier AI’s impact on cybersecurity, emphasizing the need for more benchmarks and environments.