The near real-time patching era has arrived
AI-powered vulnerability discovery is accelerating exploit timelines, making continuous patch management a new application security priority.
Key takeaways:
- AI is accelerating vulnerability discovery and exploit development, giving defenders less time to respond.
- Continuous patch management is becoming essential as periodic scanning can leave security gaps.
- Third-party and open-source dependencies can slow remediation, making virtual patching and stronger DevSecOps workflows more important.
- Security teams must balance patching speed with operational risk, especially as exploit timelines shrink.
How is AI changing vulnerability discovery?
Cybersecurity teams need to prepare now for a forthcoming onslaught of vulnerabilities that will need to be remediated much faster than ever before.
The number of vulnerabilities being discovered and reported has already been steadily increasing over the last few months. However, with further advances in artificial intelligence (AI), most notably in the form of Mythos and ChatGPT 5.6 models from Anthropic and OpenAI, the overall number of vulnerabilities is only going to increase. Right now, however, not all the vulnerabilities being remediated lately have actually been formally reported, so limited access to the latest AI models might be working in favor of cybersecurity teams.
However, while access to the latest AI models from Anthropic and OpenAI is restricted, it’s now only a matter of time before open-source AI models will be able to match or exceed the vulnerability capabilities of proprietary AI models. In fact, there are reports that an AI model in China, dubbed Z.ai, that was developed by Zhipu AI, can already match the vulnerability capabilities of models developed in the U.S. The troubling thing is no one knows for sure how many vulnerabilities are being discovered but not disclosed as part of a larger effort to possibly weaponize them.
The challenge is that not everyone who has access to these AI models is working for the greater good. Malicious actors are already using AI models to detect vulnerabilities and, in some cases, reverse engineer an exploit in a matter of hours. Once that exploit is created, cybercrime syndicates are then able to distribute it around the globe at machine speed. That means cybersecurity teams no longer have the luxury of waiting weeks, sometimes months, before applying a patch assuming, of course, that one is actually available.
Why does patching speed now outweigh patching risk?
Instead, organizations will soon likely determine that the risks of not patching an application environment are greater than applying a patch that might disrupt availability of an application. After all, automation frameworks are making it easier to roll back an application update. In contrast, malware that can be exploited a few minutes after it has been injected into a production environment has the potential to cause far more havoc.
Like it or not, application security now needs to be maintained in near real time. In effect, the DevSecOps workflows that organizations rely on to update applications need to become continuous versus, in contrast, running an intermittent scan to see what updates were made in the last week that should be scanned for vulnerabilities.
The challenge, as always, is there is a world of difference between first-party and third-party code. Finding and fixing a vulnerability in code that an organization controls is comparatively straight forward. If a vulnerability emerges in an application provided by a third-party vendor, then short of applying some type of virtual patch, an organization is dependent on the provider of the application to provide an update.
Of course, in either case that vulnerability might actually stem from open-source code that a maintainer of a project would have to fix. The issue is that maintainers of open-source software projects usually lack the financial resources or, in most cases, the technical expertise to resolve the issue in a timely manner.
2026 Email Threats Report
Learn how AI and phishing-as-a-service are reshaping the email threat landscape and how to stay protected
Subscribe to the Barracuda Blog.
Sign up to receive threat spotlights, industry commentary, and more.
The Managed XDR Global Threat Report
Key findings about the tactics attackers use to target organizations and the security weak spots they try to exploit