THE article frames vulnerability management as entering an agentic era, defined by continuous telemetry, contextual prioritization and agentic remediation, not just static scans. It notes a November 2025 disclosure by Anthropic that a Chinese threat actor weaponised Claude to conduct an autonomous agentic cyberattack, performing reconnaissance, exploit development, credential theft, lateral movement and data exfiltration at machine speeds.
Cisco’s announcement of the end of life for Kenna Security, with no replacement, is highlighted as an indicator of changing exposure management. It also cites OpenAI figures that compute is expected to triple in 2026, underscoring the speed gap between threat actors and defenders.
The piece proposes a shift to vulnerability management 10.0, emphasising a security data fabric and continuous, contextual visibility to enable agentic remediation, with humans remaining in the loop in phase one and decisions automated only in deterministic, known-bad scenarios.