Post by Mandiant (part of Google Cloud)

AI models are finding and exploiting vulnerabilities faster than ever, fundamentally changing the economics of zero-day attacks. Highly capable general-purpose AI models are lowering the barrier to entry for threat actors of all skill levels. They are not only identifying vulnerabilities but also helping generate functional exploits. We are already observing threat actors leverage these tools in underground forums, shifting the landscape toward mass exploitation campaigns. Relying on human-speed patching and manual triage will fail against these machine-speed threats. To prevent severe overload, organizations must integrate AI defensively and shift their security practitioners from manual investigators to strategic coordinators. To modernize defensive strategies, organizations must prioritize automation and resilience: ✅ Secure code by proactively scanning repositories for secrets and mapping threat models to detect minor weaknesses that AI could chain together. ✅ Move to automated security operations by deploying specialized AI agents to autonomously investigate alerts and correlate signals without manual reverse engineering. ✅ Maintain continuous asset discovery across complex environments to seamlessly feed known assets into downstream security tooling. ✅ Protect deployed AI systems and agents using established methodologies like Google's Secure AI Framework (SAIF) and screening tools to block prompt injections. For less mature environments, the focus must begin with a reliable foundation: baselining your current state, expanding scanning coverage, and formalizing emergency remediation SLAs based on severity, exposure, and asset criticality. The traditional window between vulnerability disclosure and active exploitation has vanished, and the concept of severity is shifting as AI connects multiple low-level vulnerabilities into critical breaches. By leveraging Google Threat Intelligence, Mandiant Security Consulting, and Agentic SecOps, organizations can adopt an assume-breach mentality, automate remediation at scale, and disrupt the adversary lifecycle before they reach their objective. The best response to this evolving threat landscape is disciplined preparation. 📄 Read more in our blog post: https://bit.ly/4cpI8sv