AI-assisted exploit development compressed the average time from vulnerability disclosure to a working exploit from 125.3 days in January 2025 to 0.5 days by April 2026.

55.7% of critical CVEs never received scanner coverage at all.

44.3% of critical CVEs received scanner coverage.

62.0% of critical vulnerabilities with known exploits had a working exploit available before scanner detection signatures shipped.

54.0% of CVEs published since January 2025 had no detection signature from Tenable, Qualys, or Rapid7.

Median detection lag from vulnerability disclosure was 0.1 days for Tenable, 2.9 days for Qualys, and 5.1 days for Rapid7.

Exploits appeared before scanner detection for 62.5% of critical CVEs at Tenable, 64.5% at Qualys, and 73.5% at Rapid7.

77% of organizations have updated their security strategy for cloud in response to AI

26% of organizations report having the architecture to enforce their AI-related cloud security strategy

78% of organizations report confirmed or suspected AI-related security incidents over the past year

52% of AI workloads span hybrid environments

64% of organizations say their architecture needs redesign to support AI workloads

76% of organizations rate datacenter security as critical for AI

35% of organizations say their datacenter security can support current AI needs

24% of organizations can fully inspect AI traffic without impacting performance

71% of organizations report increased web application firewall (WAF) false positives

88% of organizations say AI has increased security complexity

67% of organizations report fragmented security policies

54% of organizations have experienced an AI-related security incident

24% of organizations cannot confirm whether they experienced an AI-related security incident due to lack of visibility