After reviewing the market, speaking with vendors, and testing tools, four convictions emerged. They cut through the noise and highlight where real progress is happening and where the gaps remain. Vulnerability management is a promising AI use case.  

AI-Native Players Are Setting the Pace 

The most advanced AI features in vulnerability management do not come from the big historical vulnerability management solution vendors. Instead, they’re emerging from new challengers’ platforms built natively with AI in mind, cloud-first, and workflow-oriented. These tools don’t just promise insights; they structure the entire process around actionability. The goal isn’t to generate more alerts, but to generate the right ones, business-oriented and directly connected to where the action is happening. 

And that lead isn’t going unnoticed. Some of the most promising AI-native startups are already being acquired by legacy players looking to catch up. For example, Opus Security, who built from the ground up to automate cloud remediation workflows, was recently acquired by Orca Security, a major cloud-security solution. It’s a familiar cycle: the innovation starts outside, then gets absorbed in. 

In this landscape, real progress isn’t always where the brand is biggest, but where the product thinks natively in AI, in cloud and in real operational flow. 

Not All Use Cases Deliver Equal Value 

Even among the best tools, AI performance is uneven because some tasks are just better suited for it than others. Detection, for instance, still relies mostly on signature-based scanning. There’s little room for real intelligence there. But move a step further to prioritization, remediation planning, or decision support and the picture changes. 

That’s where machine learning starts to add real value: correlating exploitability trends, learning from previous analyst actions, adapting to asset criticality.

Better Data Means Better AI 

Even the most advanced AI models only create value if they connect to the systems where remediation happens. Identifying critical vulnerability is important, but the real impact comes when it translates into a ticket, an owner, and measurable progress.  

This is often where solutions differentiate: the most effective platforms integrate seamlessly into workflows, ensuring that AI outputs lead to action, not just dashboards. 

Seeing Through the AI Label 

Many “AI” features in today’s tools are closer to advanced automation, fixed scoring formulas, or guided decision trees than true machine learning. Generative AI is beginning to appear, mostly in support roles such as summarizing alerts, suggesting remediation text, or simulating attacker behavior though adoption in production remains cautious.  

The key question for buyers is not simply “is there AI?” but “what type of AI, applied where, and with what measurable benefit?” This perspective helps distinguish between marketing claims and operational value.

Conclusion: What Makes AI Actually Work 

AI is now everywhere in vulnerability management, at least in name. But as we’ve seen, real impact remains uneven. Our exploration wasn’t about catching hype. It was about digging deeper: where does AI bring value? Which solutions go beyond buzzwords to truly help teams act faster, smarter, and more effectively? 

That’s why we chose to focus on the platforms and use cases where AI doesn’t just exist, it works. And the difference is visible. 

• In prioritization, AI-native tools learn from exploit trends, analyst behavior, and asset context to deliver sharper, more relevant risk rankings not just generic CVSS scores. 
• In remediation planning, the best platforms integrate AI into workflows: suggesting next actions, assigning ownership, and tracking progress across tools. 
• In decision support, AI enables faster triage, generates contextual summaries, and helps analysts see through noise. 

These aren’t theoretical gains. They translate into real operational leverage: fewer false positives, faster time-to-patch, and reduced cognitive overload for security teams. 

The key difference? The most impactful solutions aren’t retrofitting AI into legacy workflows. They’re designed natively to embed intelligence throughout the chain from detection to resolution. 

As pressure increases and attackers accelerate, this matters more than ever. In this environment, AI isn’t a differentiator, it’s a necessity. But only when it’s done right: targeted where it counts, integrated into real workflows, and measured by outcomes not marketing claims. 

Cet article AI in Vulnerability Management: Maturity, Myths, and the Real Innovation Curve  est apparu en premier sur RiskInsight.

The AI security market is entering a new phase

After several years of excitement and exploration, we are now witnessing a clear consolidation of the AI security solutions market. The AI security sector is entering a phase of maturity, as reflected in the evolution of our AI Security Solutions Radar. Since our previous publication (https://www.wavestone.com/fr/insight/radar-2024-des-solutions-de-securite-ia/), five major acquisitions have taken place:

• Cisco acquired Robust Intelligence in September 2024
• SAS acquired Hazy in November 2024
• H Company acquired Mithril Security at the end of 2024
• Nvidia acquired Gretel in March 2025
• Palo Alto announced its intention to acquire ProtectAI in April 2025

These motions reflect a clear desire by major IT players to secure their positions by absorbing key technology startups.

Simultaneously, our new mapping lists 94 solutions, compared to 88 in the October 2024 edition. Fifteen new solutions have entered the radar, while eight have been removed. These removals are mainly due to discontinued offerings or strategic repositioning: some startups failed to gain market traction, while others shifted focus to broader AI applications beyond cybersecurity.

Finally, a paradigm shift is underway: solutions are moving beyond a mere stacking of technical blocks and evolving into integrated defense architectures, designed to meet the long-term needs of large organizations. Interoperability, scalability, and alignment with the needs of large enterprises are becoming the new standards. AI cybersecurity is now asserting itself as a global strategy, no longer just a collection of ad hoc responses.

To reflect this evolution, we have updated our own mapping by creating a new category, AI Firewall & Response, which results from the merger of our Machine Learning Detection & Response and Secure Chat/LLM Firewall categories.

Best of breed or good enough? The integration dilemma

With the growing integration of AI security components into the offerings of major Cloud Providers (Microsoft Azure, AWS, Google Cloud), a strategic question arises:
Should we favor expert solutions or rely on the native capabilities of hyperscalers?

• Specialized solutions offer technical depth and targeted coverage, complementing existing security.
• Integrated components are easier to deploy, interoperable with existing infrastructure, and often sufficient for standard use cases.

This is not about choosing one over the other but about shedding light on the possibilities. Here is an overview of some security levers available through hyperscaler offerings.

Confidential Computing

This approach goes beyond securing data at rest or in transit: it aims to protect computations in progress, using secure enclaves. It ensures a high level of confidentiality throughout the lifecycle of AI models, sensitive data, or proprietary algorithms, by preventing any unauthorized access.

Filtering

Cloud Providers now integrate security filters to interact with AI more safely. The goal: detect or block undesirable or dangerous content. But these mechanisms go far beyond simple moderation: they play a key role in defending against adversarial attacks, such as prompt injections or jailbreaks, which aim to hijack model behavior.

Robustness Evaluation

This involves assessing how well an AI model withstands disruptions, errors, or targeted attacks. It covers:

• exposure to adversarial attacks,
• sensitivity to noisy data,
• stability over ambiguous prompts,
• resilience to extraction or manipulation attempts.

These tools offer a first automated assessment, useful before production deployment.

Agentic AI: a cross-cutting risk, a distributed security approach

Among the trends drawing increasing attention from cybersecurity experts, agentic AI is gaining ground. These systems, capable of making decisions, planning actions, and interacting with complex environments, actually combine two types of vulnerabilities:

• those of traditional IT systems,
• and those specific to AI models.

The result: an expanded attack area and potentially critical consequences. If misconfigured, an agent could access sensitive files, execute malicious code, or trigger unexpected side effects in a production environment.

An aggravating factor adds to this: the emergence of the Model Context Protocol (MCP), a standard currently being adopted that allows LLMs to interact in a standardized way with third-party tools and services (email, calendar, drive…). While it facilitates the rise of agents, it also introduces new attack vectors:

• Exposure or theft of authentication tokens,
• Lack of authentication mechanisms for tools,
• Possibility of prompt injection attacks in seemingly harmless content,
• Or even compromise of an MCP server granting access to all connected services.

Beyond technical vulnerabilities, the unpredictable behavior of agentic AI introduces a new layer of complexity. Because actions directly stem from AI model outputs, a misinterpretation or planning error can lead to major deviations from the original intent.

In this context, securing agentic AI does not fall under a single category. It requires cross-cutting coverage, mobilizing all components of our radar: robustness evaluation, monitoring, data protection, explainability, filtering, and risk management.

And this is precisely what we’re seeing in the market: the first responses to agentic AI security do not come from new players, but from additional features integrated into existing solutions. An emerging issue, then, but one already being addressed.

Our recommendations: which AI security components should be prioritized?

Given the evolution of threats, the growing complexity of AI systems (especially agents), and the diversity of available solutions, we recommend focusing efforts on three major categories of security, which complement each other.

AI Firewall & Response: continuous monitoring to prevent drifts

Monitoring AI systems has become essential. Indeed, an AI can evolve unpredictably, degrade over time, or begin generating problematic responses without immediate detection. This is especially critical in the case of agentic AI, whose behavior can have a direct operational impact if left unchecked.

In the face of this volatility, it is crucial to detect weak signals in real time (prompt injection attempts, behavioral drift, emerging biases, etc.). That’s why it’s preferable to rely on expert solutions dedicated to detection and response, which offer specific analyses and alert mechanisms tailored to these threats.

Model Robustness & Vulnerability Assessment: test to prevent

Before deploying a model to production, it is crucial to assess its robustness and resistance to attacks. This involves classic model testing, but also more offensive approaches such as AI Red Teaming, which consists of simulating real attacks to identify vulnerabilities that could be exploited by an attacker.

Again, the stakes are higher in the case of agentic AI: the consequences of unanticipated behavior can be severe, both in terms of security and compliance.

Specialized solutions offer significant value by enabling automated testing, maintaining awareness of emerging vulnerabilities, and supporting evidence collection for regulatory compliance (for example, in preparation for the AI Act). Given the high cost and time required to develop these capabilities in-house, outsourcing via specialized tools is often more efficient.

Ethics, Explainability & Fairness: preventing bias and algorithmic drift

Finally, the dimensions of ethics, transparency, and non-discrimination must be integrated from the design phase of AI systems. This involves regularly testing models to identify unintended biases or decisions that are difficult to explain.

Once again, agentic AI presents additional challenges: agents make decisions autonomously, in changing environments, with reasoning that is sometimes opaque. Understanding why an agent acted in a certain way then becomes crucial to prevent errors or injustices.

Specialized tools make it possible to audit models, measure their fairness and explainability, and align systems with recognized ethical frameworks. These solutions also offer updated testing frameworks, which are difficult to maintain internally, and thus help ensure AI that is both high-performing and responsible.

Conclusion: Building a Security Strategy for Enterprise AI

As artificial intelligence becomes deeply embedded in enterprise operations, securing AI systems is no longer optional—it is a strategic imperative. The rapid evolution of threats, the rise of agentic AI, and the growing complexity of models demand a shift from reactive measures to proactive, integrated security strategies.

Organizations must move beyond fragmented approaches and adopt a holistic framework that combines robustness testing, continuous monitoring, and ethical safeguards. The emergence of integrated defense architectures and the convergence of AI security categories signal a maturing market—one that is ready to support enterprise-grade deployments.

The challenge is clear: identify the right mix of specialized tools and native cloud capabilities, prioritize transversal coverage, and ensure that AI systems remain trustworthy, resilient, and aligned with business objectives.

We thank Anthony APRUZZESE for his valuable contribution to the writing of this article.

Cet article 2025 AI security solutions Radar est apparu en premier sur RiskInsight.