Verify Level Software program has launched Agentic Publicity Validation (AEV), a brand new AI-driven functionality inside its Publicity Administration platform that makes use of autonomous brokers to cause like attackers and supply safety groups with arduous proof of what’s genuinely exploitable of their setting, earlier than adversaries can act on it.
The launch comes because the risk panorama undergoes a basic shift. Frontier AI fashions are actually able to autonomously figuring out and weaponising vulnerabilities at machine velocity, compressing the imply time from CVE disclosure to confirmed exploitation from 2.3 years in 2018 to roughly 10 hours in 2026. On the similar time, 72.7% of exploited CVEs in 2026 are hitting as zero-days, up from simply 16.1% eight years in the past.
Past Severity Scores
Conventional vulnerability administration has lengthy relied on static severity scores, leaving safety groups to sift by 1000’s of flagged points with out figuring out which signify an actual, reachable danger. AEV takes a materially totally different method: slightly than assigning a rating and transferring on, it deploys AI brokers that work by every potential publicity utilizing logic that mirrors attacker reasoning.
The brokers correlate publicity information with asset context, dwell risk intelligence, present management protection, and recognized exploit analysis to find out whether or not a path to compromise really exists. When a route is blocked by an present management, AEV pivots to an alternate assault path. If no viable path exists, the risk is discarded. If exploitation is possible, the system produces direct proof, giving safety groups the arrogance to prioritise and act.
Early buyer engagements have already proven the aptitude of producing novel exploits for dozens of vulnerabilities that had no beforehand printed exploit code, illustrating the analytical depth of the brokers.
Closing the AI Arms Race Hole
Yochai Corem, Normal Supervisor of Publicity Administration at Verify Level, stated the product addresses an issue that has develop into existential for enterprise safety groups: “The period of autonomous, AI-driven exploitation is right here. Frontier AI fashions are attacking important vulnerabilities at scale, with out human steering. Safety groups are already inundated and can’t successfully handle that rising risk.”
Corem added that AEV is designed to place defenders on equal footing: “Agentic Publicity Validation is our reply: AI brokers that cause like attackers reviewing your organisation’s digital floor from the skin with our distinctive risk intelligence context, and show what is definitely exploitable, offering safety groups the proof and the remediation to behave well and successfully earlier than attackers do.”
A Vital Piece of CTEM
Verify Level positions AEV as a validation layer inside Steady Risk Publicity Administration (CTEM) programmes, transferring organisations from discovery and prioritisation into evidence-based publicity discount. The validation step has traditionally been handbook, sluggish, and resource-intensive. AEV’s protected proving loop, analysing property and CVEs, enriching findings with dwell Verify Level risk intelligence, verifying whether or not present controls already block the trail, and constructing focused validation with out disruptive methods, is designed to make that step autonomous and steady.
Agentic Publicity Validation is on the market now as a part of Verify Level Publicity Administration. Organisations can request a complimentary AEV scan to see what an agentic attacker would uncover on their exterior assault floor.
