The Rise of AI-Powered Vulnerability Management

39% of firms are using AI to solve data overload problems that stymie vulnerability and exposure management work

Speed of threat detection was used to evaluate AI efficacy by 57% of respondents

Costs were an obstacle for 46% of respondents in effective use of AI.

Endpoint security was a current application of AI in 52% of security tech stacks

The majority of organizations (55%) say that they’ve enabled AI in under half the tools in their environments that have it available

Endpoint security (34%), antivirus/anti-malware (31%), and malware analysis (31%) were the security tech categories where AI is thought to be the most overhyped

Basic vulnerability scanning was a current application of AI in 47% of security tech stacks

About 16% of security teams say their use of AI has been very beneficial and have made it a core part of their program

Antivirus/anti-malware was a current application of AI in 40% of security tech stacks

Approximately 56% of respondents reported that at least half of their security vendors tout their AI capabilities

The top five vulnerability management problems they’re actively trying to solve with AI today were: false positives (49%), overload of data (39%), reliance on manual processes (33%), disparate results from scanning tools (31%), and false negatives (31%)

46% of security teams primarily depend on AI that is embedded in their security tools and delivered by their vendors versus building their own

Just 6% of respondents say that they fully outsource their AI training

Security and privacy risks were a reason for turning off AI functionality, cited by 55%

Vendor reliability and maturity were a reason for turning off AI functionality, cited by 50%

A lack of transparency and explainability was the top reason for turning off AI functionality, cited by 58%

Around 45% say that AI is moderately beneficial and they’re starting to note the benefits

Incident response was the second security function where AI will provide the most value in the next 3 years, cited by 59% of respondents

77% of respondents reported that one or more of those vendors had overhyped their AI performance or are underdelivering on their promises

The No. 1 security issue respondents are most hopeful that AI will help fix is the prioritization of disparate results from scanning tools, for which 82% are hopeful for gains

21% say they apply AI to security through a mix of vendor-led and internal AI.

Sophisticated threat landscape was the most commonly cited security pain point, named by 60% of respondents

A scant 6% reported that AI is detrimental to their security program

Difficulty in tuning, training, and supervising AI was an obstacle to the effective use of AI for 39% of respondents

The top use case where security leaders say AI will offer most value is vulnerability and risk management, named by 74% of respondents

Third-party and supply chain risk was a big security pain point (42%)

Just 25% of teams use AI to power vulnerability prioritization

Just 18% have utilized GenAI to speed up summarization and reporting work

82% were optimistic about AI applicability to sifting through disparate results from scanning tools

81% were optimistic about AI applicability to dealing with overload of data

Lack of skilled personnel is the biggest obstacle to the effective use of AI in cybersecurity today, cited by 55% of respondents

Lack of transparency in AI decision making was an obstacle for 46% of respondents in the effective use of AI.

Just a fraction of respondents said that their tools come trained and/or tuned — 5%

Just over half of respondents said that they regularly disable AI functionality in some or all security tooling due to a range of considerations

1 in 5 respondents reporting that 75% or more of their tool stack promotes AI capabilities

Approximately 19% say they primarily apply AI to security through their own internal data science work

Approximately 1 in 4 organizations said they’re concerned about how AI use in the enterprise will make them more attackable (AI and generative AI concerns)

Only 18% use AI to bolster vulnerability remediation workflows

46% of firms say that they’re actively trying to use AI to solve false positive issues

56% cited data protection as a security function where AI will provide the most value in the next 3 years

42% cited identity and access management as a security function where AI will provide the most value in the next 3 years

56% of security teams say the use of AI has become crucial to their team’s operations

The top three most common security use cases for AI are endpoint security (52%), basic vulnerability scanning (47%), and antivirus/anti-malware (40%)

Only 21% use AI to automate away configuration management and system hardening

Among those security departments that do their own custom AI work, 66% report that they have hired their own internal data science staff within their security teams

35% cited reporting as a security function where AI will provide the most value in the next 3 years

Nearly a third of respondents reported that their team spends at least four hours per week training AI models within their own tools or within commercially available AI functionality

100% of those who said their AI is very beneficial and a vital part of their security program have internal data science staff members

86% of security teams today utilize some type of AI within their security tool stack

Speed of incident response was used to evaluate AI efficacy by 51% of respondents

Costs were an obstacle for 46% of respondents in effective use of AI.

False positive and negative rates are the No. 1 way that organizations reported that they evaluate the efficacy of AI in security, named by 66% of respondents