ACCORDING to Rapid7, Project Glasswing is about turning faster vulnerability discovery into faster action for defenders, emphasising that AI will be most useful when used with intention rather than simply speeding up backlogs. The piece notes that the Common Vulnerabilities and Exposures system recorded 48,185 disclosures in 2025, a 20% rise on 2024, with 2026 already seeing hundreds of new CVEs per day, highlighting that the challenge is converting volume into real risk reduction.
It argues that early adoption of AI will focus on backlog reduction, triage support, patch testing and lower‑tier remediation, with widespread use requiring a solid understanding of the environment and well‑defined processes before expanding AI use. The article foregrounds Attack Surface Management via Surface Command as the environmental foundation, enabling a live view of exposures, asset ownership, and critical paths to aid prioritisation and decision‑making.
It also describes how Vulnerability and Exposure Management, curated vulnerability intelligence, and AI‑generated remediation insights fit together to shorten the gap between discovery and action, while runtime context helps focus on issues actively creating risk in live environments.