A zero-day is not frightening because it is sophisticated. It is frightening because it is unknown. There is no patch in the moment it matters most. That single condition undermines the comfort most security programs rely on: time.
In the past, attackers didn’t need zero-days because they relied on predictable failures in patching and credential hygiene. The sheer labor required to find new vulnerabilities acted as a natural throttler on advanced attacks. Agentic AI removes that friction. By automating the trial-and-error cycle, AI transforms vulnerability research into a high-speed, 24/7 operation, making the once-rare zero-day a scalable threat.
What a zero day is and why it matters
A zero-day is a flaw that the vendor and defenders do not yet know exists. And because a zero-day vulnerability is unknown to the manufacturer, it exists in a defensive vacuum where there is no patch to deploy and no proven strategy to follow. Exploitation forces a shift from “business as usual” to an “emergency operational event.” In these scenarios, the organization loses its autonomy, as external stakeholders and the attackers themselves set the pace of recovery.
While Stuxnet showed that cyberattacks could have physical consequences, and Heartbleed demonstrated the fragility of the internet’s cryptographic backbone, Log4Shell in late 2021 changed the game by revealing the risk posed by modern dependencies. A logging library embedded into thousands of packages created a global response effort, and government agencies warned that exploitation would persist over time.
Those incidents also underline that when the vulnerable component is ubiquitous, your risk surface includes software you did not write, do not inventory cleanly and may not even realize you run.
Scaling vulnerability discovery to machine speed
Agentic AI is AI that can act, not just advise. Give it an objective, and it will plan steps, run them, learn from what happens and adjust until it succeeds or hits a hard stop. In cybersecurity, that looks like an automated operator. It can probe an application, test multiple attack paths, change tactics when defenses hold and keep iterating without waiting for a human to re-aim it.
We already have credible public signals that AI-assisted systems can help discover real-world vulnerabilities in widely used open source components. Google Project Zero and Google DeepMind disclosed that an AI agent called Big Sleep found an exploitable vulnerability in SQLite, and maintainers fixed it the same day it was reported. Google’s security team also described AI-assisted fuzzing work that reported new vulnerabilities to open source maintainers, including one in OpenSSL. DARPA’s AI Cyber Challenge was built around the same direction of travel, which is automated vulnerability discovery and patching at scale.
As discovery accelerates, the time between unknown and exploited compresses. That weakens any security model built around periodic assurance. Annual penetration tests and quarterly scans still matter, but they cannot be the backbone of resilience when a motivated adversary can probe continuously, adapt quickly and never get tired.
Reducing the value of the inevitable breach
Resilience begins with data minimization. If an internet-facing service does not need raw sensitive data, it should not be able to retrieve it. Tokenization and non-reversible storage, among other approaches, reduce the value of a successful breach. You cannot lose what you never collected, and you cannot leak what the service cannot see.
Next comes API discipline. APIs are the nervous system of the enterprise. They are also an ideal interface for automated probing because an attacker does not need a UI to harvest what an endpoint returns. Ensure every endpoint response is a deliberate security decision. If a client does not need a field, the API should not return it.
Keeping attackers out is only half the battle. The real test of security is what happens after they get in. The goal is to ensure that if a door is forced open, the intruder finds themselves in a room with no exit. Use least-privilege access and strong authentication to kill their momentum. Then, use micro-segmentation to lock down the hallways. By blocking lateral movement, a single compromised system stays isolated. This helps protect core data and keeps operations running.
Operational resilience is the best security strategy
Security does not sit on top of a fragile environment and “work harder” to make it safe. Security must be baked into IT operations—from system design to change control. This is why CIO and CISO agendas must merge. When the pressure is on, they can rely on accurate inventories, secure-by-design architecture and disciplined change management. Recovery plans are useless if they are only documented; they must be practiced.
Agentic AI raises the stakes because it leaves no lead time. It finds and hits a weakness almost instantly. You do not win that race with promises of perfect prevention. You win by reducing what is exposed, limiting how far an intruder can move and continuously validating that your controls still work as your environment changes.
In an era where attackers can probe without pause, is your organization built to absorb that test without breaking?
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
No Responses