AI systems are finding vulnerabilities. Not incidentally, but at a scale and pace that is putting the traditional vulnerability chain under strain. And if AI finds them faster, attackers find them faster too.
What is shifting
Until recently, vulnerability discovery was largely human work: researchers spending months in a codebase, fuzzing campaigns running for weeks. That model does not scale with modern software landscapes.
AI-assisted vulnerability discovery is changing the economics. Palo Alto Networks is embedding AI capabilities across its Cortex and Prisma portfolio, Tenable is integrating generative AI into its exposure management platform, and initiatives like Project Glasswing are exploring how language models can be used to discover vulnerabilities in software. At the same time, we are seeing partnerships emerge between security vendors and AI labs such as OpenAI and Anthropic.
The claim that AI will fully replace human researchers in the short term remains overstated. What is happening: productivity per researcher is going up, automated triage is improving, and the number of issues found per unit of time is rising. The net effect is a growing stream of CVEs, advisories and patches arriving on the defensive side.
What this means for security operations
Patch Tuesday alone often generates dozens of updates, vendor advisories trickle in continuously, and zero-days demand ad-hoc reprioritisation. Add a structurally higher discovery rate to that, and the workload becomes unsustainable unless the approach changes.
The scarcity is shifting from "can we find it" to "can we prioritise it". Not every CVSS 9.8 is a 9.8 in your context. Without context — which asset, what exposure, which compensating controls — every team drowns in noise. At the same time, the window between disclosure and exploitation continues to shrink, because the same techniques researchers use are also available to those with less constructive intentions.
Why exposure management is breaking through now
Against that backdrop, exposure management is gaining momentum. Gartner introduced the concept of Continuous Threat Exposure Management (CTEM) to address precisely this problem: no longer vulnerability management as an isolated silo, but a continuous process that assesses assets, vulnerabilities, identities, configurations and attack paths in conjunction.
The core is that it asks the right question. Not "which CVEs do we have?" — that way you drown. But: "which vulnerabilities are actually exploitable in our environment, on which critical assets, and which attack paths run across them?" That reduces thousands of findings to a workable list of dozens.
For organisations still relying on classical vulnerability management, the coming patch wave means exposure management is no longer a "nice to have".
Where Nomios helps
Managed Exposure Management combines continuous asset discovery, vulnerability scanning, configuration analysis and attack path modelling into a single structured process, drawing on platforms such as Tenable One.
Security Assessments — from architecture reviews and configuration audits to compliance testing against ISO 27001, NIS2 and DORA — provide the periodic in-depth view that continuous monitoring complements. Group entity Dionach brings deep pentesting expertise here.
AI-driven pentesting is, for us, an addition to — not a replacement for — experienced pentesters. AI expands scope and accelerates reconnaissance; the judgement on what a finding is worth remains human work.
In closing
The patch wave is not a forecast. It is already here, and it grows each quarter. The same AI development that accelerates the attacker side also strengthens the defence — provided your processes and structure are in place to put that strengthening to work. Exposure management is the framework that makes that possible.
Want to explore where your organisation stands today? Get in touch for a no-obligation exposure assessment.