AI Security, LLM, Vulnerability Research

Frontier AI Finds 7x More Bugs: What That Means for Your Patch Window


Palo Alto Networks published an update to its Frontier AI Defender's Guide yesterday with new benchmark data from Unit42's internal vulnerability research. The numbers are worth reading carefully.

Using frontier AI models - specifically Claude Mythos Preview and GPT-5.5-Cyber - the team scanned more than 130 products for software vulnerabilities in a single month. They found 75 legitimate vulnerabilities that have since been patched.

Their historical baseline for human-only research is 5 to 10 vulnerabilities per month.

Against the top of that baseline, that is roughly a 7x improvement; against the bottom it is closer to 15x. Unit42 describes the output as "the equivalent of a full year's worth of penetration testing effort in less than three weeks."

The attacker access window

The defensive case for this capability is obvious: if your security team finds vulnerabilities before attackers do, you can patch them before they become weapons.

The problem is the window. Unit42 estimates that defenders have three to five months before attackers broadly gain access to frontier AI cyber capabilities at the level currently available to Glasswing participants and early adopters. After that window closes, the 7x improvement in vulnerability discovery will be available to both sides simultaneously.

Once both sides have the same discovery capability, the advantage goes to whichever side closes its loop faster. For defenders, that loop is discovery to patch deployed, so the metric that matters is mean time to patch. For attackers, it is discovery to working exploit, so the metric is mean time to exploit.

The current industry baseline does not favor defenders. The article cites an average time to remediate a known high- or critical-severity CVE of 74 days, and exploits routinely arriving before patches, with 28.3% of CVEs exploited within 24 hours of disclosure. Those are industry-wide figures that predate widespread frontier AI adoption in offensive operations; the number that actually matters for your program is your own time to patch, measured against the same 24-hour line.

What frontier AI is actually good at

Unit42 identifies two specific capabilities where frontier AI models outperform human researchers most dramatically: finding obscure vulnerabilities in unfamiliar codebases at speed, and vulnerability chaining, where multiple lower-severity issues are combined into a critical-level exploit path that no individual issue would have warranted.

That second capability is particularly significant. Many security programs close or deprioritize individual low-severity findings without asking what they could be combined with. Frontier AI can chain those findings into critical-severity attack paths automatically, surfacing routes that a time-constrained human pentester, working through a queue of isolated tickets, would likely miss.
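To make the chaining point concrete, here is an added example, not code from Unit42 or the Defender's Guide, that models findings as preconditions and postconditions and searches for a path from "unauthenticated network access" to code execution. The five findings are constructed for illustration (hypothetical IDs F1 to F5, not real vulnerabilities); none is above medium severity on its own. The same search run with a "medium and above" triage filter, which is how many programs actually operate, finds no chain at all, which is exactly the blind spot the text describes.

```python
from collections import deque

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed findings (hypothetical, not from the Unit42 research). Each is
# low or medium severity in isolation. "requires" is what an attacker must
# already hold to use it; "grants" is what exploiting it yields.
FINDINGS = [
    {"id": "F1", "severity": "low",
     "title": "Verbose 500 page leaks an internal service hostname",
     "requires": {"network"}, "grants": {"internal_hostname"}},
    {"id": "F2", "severity": "medium",
     "title": "SSRF in image fetcher; blocks raw IPs but allows hostnames",
     "requires": {"network", "internal_hostname"}, "grants": {"internal_http"}},
    {"id": "F3", "severity": "low",
     "title": "Internal health endpoint returns config including a service token",
     "requires": {"internal_http"}, "grants": {"service_token"}},
    {"id": "F4", "severity": "medium",
     "title": "Debug endpoint renders a caller-supplied template given a service token",
     "requires": {"service_token", "internal_http"}, "grants": {"rce"}},
    {"id": "F5", "severity": "low",
     "title": "No rate limit on login",
     "requires": {"network"}, "grants": {"credential_guessing"}},
]


def find_chain(findings, start, goal, min_severity="low"):
    """Breadth-first search over attacker capability sets.

    Returns the shortest list of finding ids that takes an attacker from the
    `start` capabilities to a state containing `goal`, using only findings at
    or above `min_severity`. Returns None when no such chain exists.
    """
    usable = [f for f in findings
              if SEVERITY_RANK[f["severity"]] >= SEVERITY_RANK[min_severity]]
    start_state = frozenset(start)
    queue = deque([(start_state, [])])
    seen = {start_state}
    while queue:
        state, path = queue.popleft()
        if goal in state:
            return path
        for f in usable:
            # A finding is usable only if its preconditions are already held
            # and it grants something the attacker does not yet have.
            if f["requires"] <= state and not f["grants"] <= state:
                new_state = state | f["grants"]
                if new_state not in seen:
                    seen.add(new_state)
                    queue.append((new_state, path + [f["id"]]))
    return None


def chain_severity(findings, chain):
    """Highest individual severity among the findings in a chain."""
    by_id = {f["id"]: f for f in findings}
    return max((by_id[i]["severity"] for i in chain),
               key=SEVERITY_RANK.__getitem__)


if __name__ == "__main__":
    full = find_chain(FINDINGS, {"network"}, "rce")
    print("chain to rce:", full, "| worst single finding:", chain_severity(FINDINGS, full))
    filtered = find_chain(FINDINGS, {"network"}, "rce", min_severity="medium")
    print("chain to rce after dropping lows:", filtered)
```

The search is deliberately naive (a set-cover BFS with no cost model), but it is enough to show the failure mode: the full finding set yields a four-step path to code execution whose worst individual link is a medium, while the triaged set, with lows discarded, yields nothing, because F2 can never be reached without the hostname leak in F1. Whatever tooling you use, the check worth adding to your triage process is the same one the model performs here: before closing a low, ask what it grants and what else could consume that.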

The four-part response

Palo Alto's recommended response is four-pronged: build the ability to find and patch vulnerabilities before attackers can exploit them; reduce internet-facing exposure so only essential systems are publicly accessible; deploy automated detection and prevention tools capable of blocking attacks in real time; and integrate AI and automation into SOC operations so defenders can respond at machine speed.

None of this is new advice. The urgency is new. The three-to-five-month window is not a theoretical planning horizon; it is a concrete estimate from a team that has spent the past month running frontier AI models against real production software.

The question for every security team right now is not whether to take this seriously. The question is what you do with the window while you still have it.

Gigia Tsiklauri is a Security Architect and founder of Infosec.ge. Get in touch if you want to think through how frontier AI changes your vulnerability management program.