35% of organizations say their datacenter security can support current AI needs

24% of organizations can fully inspect AI traffic without impacting performance

71% of organizations report increased web application firewall (WAF) false positives

88% of organizations say AI has increased security complexity

67% of organizations report fragmented security policies

54% of organizations have experienced an AI-related security incident

24% of organizations cannot confirm whether they experienced an AI-related security incident due to lack of visibility

48% of organizations cite non-human identities (AI agents, APIs) as a top concern

24% of organizations say they have no AI-specific access controls

16% of organizations enforce AI access controls consistently across the environment

86% of leaders rate unified security management across cloud, datacenter, and edge as critical for AI workloads

Only approximately 1.4% of publicly disclosed vulnerabilities are known to be exploited in real-world attacks.

Over 80% of known-exploited vulnerabilities have no Metasploit module.

36.5% of KEVs carry a CVSS score of 9.0 or above, while 63.5% are rated high, medium, or lower.

Multi-turn attack success rate (ASR) ranges from 7.89% to 88.30% across the 15 closed/proprietary flagship models in the cohort.

Single-turn attack success rate (ASR) ranges from 2.19% to 64.91% across the 15 closed/proprietary flagship models in the cohort.

Gemini 3 Pro shifts from 18.10% single-turn ASR to 73.35% multi-turn ASR, a 4x increase.

Cross-regime deltas (multi-turn ASR minus single-turn ASR) range from −34.74 percentage points to +55.25 percentage points across the cohort.

Eight of 15 models have an absolute cross-regime gap greater than 15 percentage points.

Nova 2 Lite shows 34.05% single-turn ASR but 7.89% multi-turn ASR.