
Research - 8 mins read - September 9, 2025

Beyond EPSS: Redefining Validation in CTEM

Muneeb Zafar
Solutions Architect

When it comes to AI-accelerated exploits, probability-based risk scores are not enough. Organizations need adversarial validation to keep pace.

The new reality of cyber threats and the limits of risk scores

Cyber threats are evolving at an alarming rate, accelerated by automation and AI. Defending is no longer a matter of keeping pace; it has become a sprint. By early 2025, nearly 30% of vulnerabilities were being exploited within 24 hours of disclosure, and active exploitation often follows within 48 to 72 hours. The average time from disclosure to exploit still hovers around the five-day mark, but the volume and speed of attacks have surged dramatically.

By the time traditional defenses react, exploitation may already be underway. In this landscape, relying solely on probability-based risk scores is a dangerous bet. Industry metrics such as the Common Vulnerability Scoring System (CVSS) and the Exploit Prediction Scoring System (EPSS) offer valuable context, but they lag observed attacker behaviour and carry no knowledge of your own environment: which assets are reachable, what they hold, and which controls sit in front of them.

A recent study from Purdue University concluded that “EPSS is more of a trailing indicator than a predictive system”. The study noted that the name “EPSS” is misleading: in practice it ranks vulnerabilities relative to one another rather than predicting which new ones will be exploited. Many vulnerabilities that later wreaked havoc did not carry high EPSS scores beforehand.

The sheer volume of potential threats makes the problem worse. Last year, over 40,000 new CVEs were disclosed, a 38% increase over 2023. Security teams see first hand that patching, or even triaging, all of them on theoretical severity alone is impossible. Worse, nearly 25% of the CVEs exploited in 2024 were attacked before their public disclosure, giving defenders virtually no head start.

Meanwhile, security teams drown in noise: legacy scanners and tools generate thousands of alerts, many of them false positives or low-value issues. Research shows teams spend up to 25% of their time chasing false positives, which leads to alert fatigue and to critical warnings being overlooked. Put simply, a list of “high-risk” scores on paper does not equal real-world risk reduction. Attackers, meanwhile, are moving faster than ever and do not consult CVSS or EPSS before striking.

“I'm ahead of this game like I read the patch notes. But the way that I do it, man, they think I hack though.” (Fakemink, “Truffle”)

Probability alone does not equate to actual exploitability. Adversaries (whether independent threat actors, organized cybercriminals, or nation-state-sponsored groups) consistently succeed by identifying and exploiting a select few vulnerabilities among thousands, irrespective of their assigned severity scores.

In the current Fourth Industrial Revolution era, where AI can rapidly develop and deploy new attack vectors, relying solely on theoretical risk scores leaves organizations more vulnerable than ever.

To effectively defend against such targeted intrusions, organizations must move beyond generalized risk scoring models and prioritize the identification and remediation of vulnerabilities that are actively exploitable within the context of their specific operational environment.

From theoretical risk to exploitable reality: Adversarial Validation

Enter Continuous Threat Exposure Management (CTEM), a proactive program Gartner coined to help security teams iteratively identify, test, and mitigate exposures in real time. A core pillar of CTEM (and arguably its “secret sauce”) is the Validation phase. This is where you move from lists and probabilities to evidence. Instead of assuming a vulnerability might be exploited, you simulate the attack to see if it can be exploited in your environment.

This adversarial approach is about adopting a hacker’s mindset: treating your infrastructure like an attacker would, continuously probing and validating your defenses. Gartner highlights Adversarial Exposure Validation (AEV) as the technology delivering “consistent, continuous, and automated evidence of attack feasibility.” In plain terms, unlike passive vulnerability scanning, AEV means performing real attack scenarios (safely) against your assets to prove whether a weakness is actually exploitable, and whether it could bypass your existing controls.

Validation separates the signal from the noise by demonstrating which findings are not just theoretical threats but genuine paths an attacker could use right now. Crucially, adversarial validation addresses the shortcomings of one-off tests and static scores. Traditional vulnerability management might flag hundreds of “high” CVEs; continuous validation finds which of those can actually be leveraged by adversaries, in context.

Every element of Hadrian’s active validation is governed by the principle that adversarial simulation should never come at the cost of operational reliability or customer trust. Safety, traceability, and respect for the target environment are not afterthoughts but foundational attributes embedded into every phase of the scanning lifecycle.

Adversarial validation also catches what scoring misses entirely: misconfigurations, attack chains, and logic flaws that have no CVE ID at all. And rather than trusting that a newly disclosed vulnerability is low priority because its EPSS score is low, it attempts a safe exploit on a test instance. If the exploit succeeds, that issue rockets to the top of the priority list regardless of its score. We have seen repeatedly how critical exposures slip through conventional risk ratings.

The recent “CitrixBleed 2” flaw (CVE-2025-5777) in Citrix NetScaler ADC and Gateway is a prime case. It is a simple but critical memory over-read that leaks memory contents, including session tokens, and many organizations initially overlooked it or did not patch promptly. Although patches were released in June 2025, active exploitation was observed in early to mid July 2025, only weeks after disclosure. Probability metrics alone did not raise the alarm in time.

An adversarial approach that validated the exposure, by contrast, would have shown how easily an attacker could harvest session tokens and credentials from it, prompting urgent action. Some vendors have responded by incorporating AI-driven prediction models that guess which new vulnerabilities are likely to be exploited, essentially trying to mimic an experienced hacker’s intuition. While this can provide earlier warning, for example flagging a Citrix flaw days before widespread attacks, it still rests on probabilities. A prediction, no matter how clever, is not a confirmation.

We believe the only way to truly stay ahead is to combine smart prioritization with active validation. We use intelligence and contextualization to narrow the list, then prove which issues are dangerous by safely confirming the exposures the way a cybercriminal would, before the criminal can. This gives you certainty and context that a probability score cannot provide: you see the exact steps an attacker would take and the impact they could achieve, so you know where to focus your fixes.

Hadrian’s Agentic AI: Continuous, contextual, and confirmed

At Hadrian, we recognized from day one that simply enumerating assets and scoring their vulnerabilities was not enough. Real security comes from thinking like an adversary. That is why our platform was built around agentic AI-driven penetration testing as the engine of validation from the beginning.

Instead of periodic manual pentests or basic scanners, Hadrian’s platform runs autonomous, continuous attacks safely against your attack surface to identify which exposures truly matter. AEV has been built into the solution since its inception and is woven throughout it as the platform grows. Here is how it works:

  • Continuous hacker point-of-view: We start by mapping your entire external attack surface (known and unknown, managed and unmanaged assets) as the foundation of CTEM. But we do not stop at an inventory: the moment a potential exposure is discovered, our agentic Orchestrator AI swings into action. Trained by seasoned ethical hackers, it dynamically chains together tactics and exploits to test each finding in context. Whether that means exploiting a vulnerable web server or using valid credentials for authenticated scanning, it delivers validated exposures and prioritized risk insights, so remediation effort goes where it has the greatest business impact.
  • Verified exploits, zero false positives: Every finding is classified as either a potential exposure (theoretical risk) or a verified exposure (proved exploitable). Hadrian’s AI marks something as verified only after it has safely executed a successful proof-of-concept exploitation, stopping at the initial point of compromise rather than pivoting further. Hadrian delivers its capabilities through an agentless, web-based software-as-a-service (SaaS) platform. For each verified exposure you get a dedicated page detailing what was exploited, its maximum impact, and a step-by-step reproduction of how our agentic AI achieved it. This level of evidence means your team no longer wastes time on guesses: if we say it is a critical risk, you will see exactly why, with a full history. One major bank CISO remarked that, after being blasted with more than a thousand theoretical, potential risks, this eliminated the whole “Can we actually get in through this?” debate that so often slows remediation. With agentic validation the debate is over: the attack worked, here is the proof, now let us resolve it, all on a single page.
  • Prioritized by business impact: Not all exposures are equal. Our approach not only validates exploits but also correlates them with asset context and business criticality. The platform’s scoring and alerting workflows consider how attractive an asset is to attackers, what data or access an exploit would yield, and how easily the attack could be replicated. This context-driven prioritization keeps you focused on the exploitable issues that would hurt your organization the most, not on whichever CVEs garnered media attention that week. For instance, a medium-severity misconfiguration on an internet-facing database that our validation turns into a publicly readable instance (and therefore multiple compliance breaches and hefty fines) will outrank a “critical” CVE on a developer server that is not reachable from outside. By continuously validating and contextualizing, Hadrian cuts through the noise to a short, actionable list of real risks.
  • Speed and scale via AI: Because Hadrian’s validation is powered by AI agents, it operates at machine speed. When a new threat technique or zero-day emerges, our in-house ethical hackers quickly train or update the Orchestrator’s skills so it can incorporate that knowledge, often within 24 hours of discovery. In practice, when the latest NetScaler 0-day hit, our platform was already scanning customers’ infrastructure with the new exploit pattern and validating any successful compromise paths. This closes the gap between “vulnerability disclosed” and “defense in place” from weeks to hours. The platform hunts exposures around the clock, at a scale no human team could manage. And because it is agentless and cloud-based, onboarding takes minutes, with no hardware or internal agents to deploy.
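As an added example, and not Hadrian’s own code or scoring model (which this post does not publish), the following Python sketch ranks a set of constructed findings the way the passages above describe: a verified exploit on a reachable, critical asset outranks an unverified “critical” CVE on an unreachable developer box, and a verified flaw with a low EPSS score at disclosure outranks everything that is merely predicted. The tiers, weights, thresholds and sample assets are assumptions chosen to make that inversion visible; a plain by-CVSS ranking of the same findings is included for contrast.

```python
"""Illustrative exposure-prioritization model (added example, not Hadrian's code).

Ranks findings by validated exploitability and asset context instead of by
CVSS/EPSS alone. All tiers, weights and sample data are assumptions.
"""
from dataclasses import dataclass
from enum import Enum


class Validation(Enum):
    NOT_TESTED = "not tested"     # only a probability score exists
    FAILED = "exploit failed"     # attempted safely, did not succeed
    VERIFIED = "verified"         # proof-of-concept exploitation succeeded


@dataclass
class Finding:
    asset: str
    title: str
    cvss: float                   # 0-10 vendor/NVD severity
    epss: float                   # 0-1 predicted 30-day exploitation probability
    internet_facing: bool         # reachable from outside the perimeter
    asset_criticality: int        # 1 (lab box) .. 5 (regulated customer data)
    validation: Validation = Validation.NOT_TESTED
    impact: str = ""              # what a verified exploit actually yielded


def priority(f: Finding) -> float:
    """Score a finding; higher sorts first.

    Design choice (assumption): a verified exploit lives in its own tier above
    every unverified finding regardless of CVSS/EPSS. Within a tier, reachability
    and asset criticality dominate, and the probability scores only break ties.
    """
    reach = 1.0 if f.internet_facing else 0.2
    base = f.asset_criticality * reach * 10          # 0..50 context term
    if f.validation is Validation.VERIFIED:
        return 1000 + base + f.cvss                  # evidence tier
    if f.validation is Validation.FAILED:
        return base * 0.5 + f.epss * 10              # deprioritised, not dismissed
    return base + f.cvss * 5 + f.epss * 50           # probability tier


def prioritize(findings):
    """Evidence-first ranking used throughout this example."""
    return sorted(findings, key=priority, reverse=True)


def rank_by_cvss(findings):
    """The conventional ranking, for contrast: severity score only."""
    return sorted(findings, key=lambda f: f.cvss, reverse=True)


# Constructed sample inventory (hypothetical assets, titles and scores).
SAMPLE = [
    Finding("db.example.com", "Public DB listener without auth (misconfiguration)",
            cvss=5.3, epss=0.0, internet_facing=True, asset_criticality=5,
            validation=Validation.VERIFIED, impact="read customer table"),
    Finding("dev-build-7.corp", "Critical CVE on internal developer server",
            cvss=9.8, epss=0.7, internet_facing=False, asset_criticality=2),
    Finding("vpn.example.com", "Gateway memory over-read (low EPSS at disclosure)",
            cvss=9.3, epss=0.04, internet_facing=True, asset_criticality=4,
            validation=Validation.VERIFIED, impact="leaked session token"),
    Finding("www.example.com", "Outdated library; safe exploit attempt failed",
            cvss=7.5, epss=0.3, internet_facing=True, asset_criticality=3,
            validation=Validation.FAILED),
]


def ranked_assets(findings=SAMPLE):
    """Asset names in evidence-first order, for quick inspection."""
    return [f.asset for f in prioritize(findings)]


if __name__ == "__main__":
    print("evidence-first:")
    for f in prioritize(SAMPLE):
        print(f"  {priority(f):7.1f}  {f.validation.value:14}  {f.asset}: {f.title}")
    print("by CVSS only:", [f.asset for f in rank_by_cvss(SAMPLE)])
```

Run stand-alone it lists the database misconfiguration first (medium CVSS, EPSS 0.0, but verified on an internet-facing, business-critical asset), the verified gateway flaw second, and the 9.8 CVE on the unreachable developer server only third, whereas the CVSS-only ranking would have put that developer server at the top. The failed-exploit finding stays on the list rather than being dropped, because a failed attempt today says nothing about tomorrow's exploit.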

The results speak for themselves. By unifying continuous discovery and adversarial validation in one agentic approach, organizations using Hadrian’s platform have achieved substantial, measurable improvements in their security posture. According to our latest data, teams gain up to 10× more visibility into critical risks (including shadow IT and forgotten or unmanaged assets) and resolve issues 80% faster on average, thanks to clear prioritization and automated triage. The larger or more decentralized the attack surface, the bigger the gain. Perhaps most importantly, this approach gives security teams back something attackers had taken from them: time. Hadrian saves SecOps teams 10+ hours of work each week. Instead of racing to react after an incident, you are identifying and closing the most dangerous gaps before they are exploited. Every validated finding fixed is an incident that never happens.

Proactive validation for future-ready security

We need to stop asking static questions like “How big is my attack surface?”, “How decentralized are we, and can we centralize?” or “How many assets are managed versus unmanaged?”. The more important question is “How quickly is my attack surface changing?”. That shift in perspective moves us from measuring size to measuring speed.

Think of it like driving a car: the distance you have traveled matters less than how fast you are going when you need to make a decision. Event-driven architectures like Hadrian’s platform work the same way. They do not focus on fixed points in time but on reacting to the events that signal change. And in security, it is those changes (the launch of a new asset, a misconfigured service, or a vulnerable dependency) that create the moments of real risk.

In a world where ransomware-as-a-service (RaaS) operators, their affiliates, and nation-state hackers move at machine speed, playing catch-up with theoretical risk scores is a losing strategy. The latest surge of exploits (from Exchange ProxyShell to the constant churn of Citrix Gateway flaws) has proven that if you wait for clear evidence of in-the-wild attacks, you are already late. As Rianna Parla from Purdue University put it, patching based solely on predicted risk is itself risky. Security teams need to continuously test their defenses against real threats. Our adversarial exposure validation flips the script: instead of reacting to breaches, Hadrian relentlessly simulates them with agentic AI to harden organizations’ systems. This is the essence of modern CTEM’s validation stage, and the core of Hadrian’s philosophy.

By adopting an attacker’s perspective and using agentic AI to automate it, organizations can finally bridge the gap between knowing their weaknesses and truly understanding them. The result is a security program that not only discovers exposures but proves which of them are exploitable and would lead to real compromise. That lets organizations prioritize with confidence: fewer false alarms, more decisive action, and a drastically reduced attack surface, even as that surface constantly changes. This is only a glimpse of what the approach delivers; at its heart it is a move from passive defense to active, evidence-based prevention.

Hadrian’s AI-driven offensive security platform was built from the beginning to deliver this proactive validation at scale, helping companies stay ahead of threats rather than behind the curve. We believe this agentic approach, beyond EPSS scores and beyond quarterly pen-tests, is the future of cyber defense. The organizations that embrace continuous adversarial validation as part of their DNA will be the ones three steps ahead of the bad guys. As you look to fortify your own security strategy, ask yourself:

Are we validating our security, or just assuming it?

The attackers are not assuming anything, and neither should we. Embracing this philosophy today is how you make sure you are ready for whatever tomorrow’s threats bring. It is time to turn the tables: see your attack surface through the adversary’s lens, and get a taste of how the other side lives.

Are you ready to experience the difference?

Adopting Hadrian’s agentic AI platform empowers your security team with continuous, real-world insights, giving them the time advantage every defender needs. In an era of AI-accelerated attacks, validation has become the new prevention. Do not just measure your risk; challenge it and secure your future.

