
Why AI-driven vulnerability speed is changing the CISO board conversation

recordedfuture.com · @threat_watch · last week · Cybersecurity · 8 comments

AI has compressed the window between vulnerability disclosure and exploitation from days to minutes, forcing security leaders to move away from "rebuilding programs" and toward "scaling intelligence".

Tags: recorded future, ciso, vulnerability management, artificial intelligence, cybersecurity

Roughly 50,000 software vulnerabilities were disclosed last year, but only 446—less than 1%—were actually weaponized by threat actors. The fundamental problem for security teams has never been the sheer volume of bugs, but the ability to distinguish which ones adversaries will actually use. AI is making that distinction harder by compressing the time between a disclosed vulnerability and a working exploit from days to minutes.

Speed is the variable, not the threat landscape

Treating AI-assisted vulnerability discovery as a wholesale transformation of the threat landscape is a mistake that leads to expensive, destabilizing board conversations. The core threat fundamentals haven't changed, but the tempo has. Disclosed vulnerabilities have nearly doubled in the last five years, jumping from approximately 21,000 in 2021 to 50,000 in 2025. This growth was already underway before AI-assisted discovery became widely accessible.

For a CISO, the goal isn't to convince the board that they need to completely rebuild their security program. Instead, the actionable conversation is about ensuring intelligence capabilities can operate at the speed the new environment demands. Moving from a "rebuild" mindset to a "speed of intelligence" mindset turns a crisis into a manageable operational requirement.

The bottleneck has shifted from discovery to triage

When AI models return hundreds of new vulnerability findings, the bottleneck shifts immediately to prioritization. In most organizations, the triage process remains largely manual: analysts research findings, assess severity, and cross-reference guidance. At the volume and velocity produced by modern models, this manual workflow cannot keep pace, creating backlogs where critical exposures sit buried under noise.

This is an intelligence problem, not a tooling problem. Effective programs are building layers between discovery and action that automatically correlate findings against real-world adversary activity. By flagging vulnerabilities tied to active campaigns and providing context on what to do next, organizations can move from raw discovery to an intelligence-led response. One financial services firm recently rebuilt its vulnerability workflow around automation, recovering over 20 hours a week previously lost to manual triage.
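As an added illustration of the "layer between discovery and action" described above (example code written for this page, not a Recorded Future tool or anything from the original article), the following Python triage layer ranks constructed scanner findings by exploitation evidence before raw severity. The CVE identifiers, the intelligence feed and the weights are all placeholders.

```python
from dataclasses import dataclass
from typing import Dict, List

@dataclass(frozen=True)
class Finding:
    cve: str            # placeholder identifier, not a real CVE
    cvss: float         # severity as reported by the scanner
    asset: str
    internet_facing: bool

# Constructed exploitation-intelligence feed: which CVEs adversaries actually use.
# In practice this comes from a threat-intel provider or a known-exploited list.
INTEL: Dict[str, dict] = {
    "CVE-0000-0002": {"active_campaign": True, "public_exploit": True},
    "CVE-0000-0003": {"active_campaign": False, "public_exploit": True},
}

# Weights (assumed): exploitation evidence outranks severity, reflecting that
# well under 1% of disclosed bugs are ever weaponized.
W_CAMPAIGN, W_EXPLOIT, W_EXPOSED = 40.0, 20.0, 10.0

def triage_score(f: Finding, intel: Dict[str, dict]) -> float:
    """Severity plus bonuses for real-world exploitation and exposure."""
    evidence = intel.get(f.cve, {})
    score = f.cvss
    score += W_CAMPAIGN if evidence.get("active_campaign") else 0.0
    score += W_EXPLOIT if evidence.get("public_exploit") else 0.0
    score += W_EXPOSED if f.internet_facing else 0.0
    return score

def next_action(f: Finding, intel: Dict[str, dict]) -> str:
    """Context on what to do next, derived from the same evidence."""
    evidence = intel.get(f.cve, {})
    if evidence.get("active_campaign"):
        return "emergency patch or mitigate now; hunt for prior compromise"
    if evidence.get("public_exploit"):
        return "patch in next maintenance window; monitor for attempts"
    return "track in the normal patch cycle"

def triage(findings: List[Finding], intel: Dict[str, dict]) -> List[dict]:
    """Return findings ordered from most to least urgent."""
    ranked = sorted(findings, key=lambda f: triage_score(f, intel), reverse=True)
    return [{"cve": f.cve, "asset": f.asset, "score": triage_score(f, intel),
             "action": next_action(f, intel)} for f in ranked]

# Constructed scanner output: a critical bug with no exploitation evidence,
# a medium bug tied to an active campaign, and a high bug with a public exploit.
SAMPLE_FINDINGS = [
    Finding("CVE-0000-0001", 9.8, "build-server", False),
    Finding("CVE-0000-0002", 6.5, "vpn-gateway", True),
    Finding("CVE-0000-0003", 7.5, "intranet-wiki", False),
]

if __name__ == "__main__":
    for row in triage(SAMPLE_FINDINGS, INTEL):
        print(f"{row['score']:5.1f} {row['cve']} {row['asset']:14} {row['action']}")
```

Note that the CVSS 9.8 finding lands at the bottom of the queue: with no evidence of adversary use it is noise relative to the medium-severity bug that is being actively exploited on an exposed asset.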

Mapping the hidden internal attack surface

Most enterprise security investment focuses on what enters the environment or what executes at the endpoint. However, AI-assisted discovery surfaces a different category of risk: the exposures that already exist inside the environment. This includes software running on existing infrastructure, uninventoried third-party components, and vendor systems connected to the corporate network in ways that aren't fully mapped.

Security leaders who focus solely on the edge may find their most consequential vulnerabilities sitting deep within their infrastructure. Surfacing these internal risks proactively is better than waiting for a third party to highlight them during a breach. Operating at machine speed means matching the adversary's ability to find and exploit these hidden gaps before they can be weaponized.


Source: The Vulnerability Flood Is Now a Board Conversation. Here's How to Lead It.
Domain: recordedfuture.com
