2 - the mean time to exploit (TTE) for vulnerabilities has continually decreased "from 63 days in 2018 to -1 day in 2024 and further downward to an estimated -7
The average time to exploit software vulnerabilities has dramatically decreased, moving from 63 days in 2018 to an estimated -7 days by 2025. This negative trend indicates that exploits are now, on average, occurring before a patch is even released. This alarming acceleration suggests a significant shift in the cybersecurity landscape, where defensive measures are consistently outpaced by offensive capabilities. AI
IMPACT Accelerating exploit times suggest a growing arms race in cybersecurity, potentially impacting AI systems and infrastructure.