arXiv: When Discovery Outpaces Remediation: Modeling AI-Accelerated Vulnerability Discovery in Interconnected Systems

This paper, published on arXiv, models a new systemic risk: AI systems can discover software vulnerabilities far faster than humans or traditional tools can patch them. It demonstrates that in interconnected digital ecosystems, AI-driven vulnerability discovery can outpace remediation efforts, creating a dangerous window of exposure where multiple systems become simultaneously exploitable. The research provides a mathematical framework to quantify this imbalance, showing that current patch management cycles are inadequate against AI-speed discovery.

The primary affected sectors are critical infrastructure operators, financial services, healthcare, and any organization managing large, interconnected software supply chains. Technology vendors and cloud service providers are also directly impacted, as their products form the backbone of these ecosystems. Regulators overseeing digital resilience and cybersecurity will need to reassess existing incident response timelines and vulnerability disclosure norms.

Compliance teams should immediately review their vulnerability management and patching SLAs to assess whether they can respond within AI-driven discovery windows. They should engage with software vendors to understand their AI-assisted security testing practices and demand transparency on discovery-to-patch metrics. Finally, teams should begin scenario planning for simultaneous zero-day exploits across multiple systems, updating business continuity and incident response plans accordingly.