Commercial AI Models Show Rapid Gains in Vulnerability Research

The rapid maturation of commercial generative AI is reshaping the vulnerability research landscape. A year ago, most AI systems failed basic security tasks, but today every model evaluated by Forescout can finish a full research workflow, and half can produce functional exploits without elaborate prompting. This leap is driven by advances in model architecture and the emergence of agentic frameworks like RAPTOR, which orchestrate multi‑step reasoning and code execution. The result is a democratization of offensive capabilities: even attackers with limited expertise can leverage off‑the‑shelf models such as Claude Opus 4.6 or Kimi K2.5 to locate and weaponize bugs in critical software.

Cost dynamics are equally pivotal. While Claude Opus 4.6 commands up to $25 per million output tokens, open‑source contenders like DeepSeek 3.2 execute comparable basic tasks for under $0.70 per test. This stark price differential enables threat actors to scale automated scanning across vast attack surfaces, while defenders must balance budget constraints against the need for advanced AI tools. Organizations are increasingly adopting a layered approach—deploying cheaper models for routine code review and reserving premium systems for high‑value assets—mirroring the strategy highlighted by Forescout’s research.

The broader implication for the cybersecurity ecosystem is a shift from a reactive posture to proactive assumption‑based defense. If AI can uncover previously unknown flaws in widely used software such as OpenNDS, enterprises must treat every component as potentially compromised. This drives investment in AI‑enhanced detection, continuous monitoring, and red‑team exercises that incorporate generative models. Moreover, initiatives like Project Glasswing, which aim to surface thousands of zero‑days, underscore the urgency for coordinated industry responses, including shared threat intelligence and standards for responsible AI use in security operations.