AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.
The traditional vulnerability management process, which relied on a months-long buffer between vulnerability discovery and exploitation, has been fundamentally disrupted by artificial intelligence. This buffer, which allowed security teams to triage, schedule, and fix vulnerabilities, has effectively disappeared. AI has accelerated the weaponization of vulnerabilities, eliminating the time previously available for remediation. Consequently, Chief Information Security Officers (CISOs) are reallocating budgets from traditional vulnerability management to Breach and Attack Simulation (BAS) platforms. BAS tools are designed to proactively test an organization's defenses against real-world attack techniques, mimicking the speed and sophistication now enabled by AI-driven exploitation. This strategic shift reflects a recognition that static vulnerability scanning and patching are no longer sufficient in an environment where threats can be weaponized almost instantaneously. The move towards BAS indicates a proactive approach to security, focusing on validating defenses rather than solely on identifying and fixing known weaknesses.
Original source — read the full reporting at the publisher:
Read on The Hacker News