In the recent Anthropic-powered cyber attack report, "Autonomous" and "Vulnerability" were the two most standout terms. Anthropic's call to action for the cybersecurity community to apply AI for defense in vulnerability assessment and remediation is a watershed moment.
In fact an entire phase of the attack path was dedicated to discovering and exploiting vulnerabilities:
"Phase 3: Vulnerability discovery and validation"
"the AI autonomously discovered vulnerabilities in targets selected by human operators and successfully exploited them in live operations"
"AI independently cataloging hundreds of discovered services and endpoints"
The mind-blowing part about this is that as an industry, we're coming back full circle to endpoint vulnerabilities tied to the workforce : employee devices. Because device vulnerabilities were a "safe" can of worms that security & IT teams could afford to sit on as they were not public internet facing assets. But today that situation has changed - you can't assume that no one will get in and move laterally to internal employee assets, so you must defend as though they will.
It's what security and IT teams always know and strive for - basic endpoint security hygiene. But doing the basics is HARD.
The last mile gap in vulnerability remediation for employee devices
The last mile of work in endpoint vulnerability patching is messy, time-consuming and manual.
This manual process outlined above where it all breaks down. First it requires a ton of manual work to map and track vulnerabilities tied to employee devices and applications, and then engaging them for the remediation process is riddled with toil. This means tracking in spreadsheets, sending email reminders, escalating via emails and messages, then reporting it to managers and the end result is that the vulnerability backlog keeps piling up and compounds workforce risk with each patch delay that lives with the employee and their devices. It's why we see customers show us their EDR and VM tool dashboards with out-of-SLA vulnerabilities in four and five digits.
AI to engage employees at scale for personalized remediation
Amplifier’s human risk graph powers a live system of record for each employee’s risk — that solves the mapping problem of user identity, device OS and application vulnerabilities, device posture and endpoint tooling coverage gaps. The graph serves as important data and context required for meaningful user engagements through agentic AI automation.
Amplifier uses AI to free IT and Security teams from follow-ups so they can focus on impact. The AI engages users for taking remediation actions through easy calendar scheduling – invoking existing patch automation tools or just using AI generated instructions to fix issues.
Amplifier turns vulnerability alerts into employee-driven remediation by guiding users through patches and updates during their natural workflow, closing security gaps in hours instead of months — all without disrupting workforce productivity or employee experience.
It rapidly solves the problem of critical security patches sitting in deployment queues for months while IT teams struggle to coordinate updates across thousands of endpoints.
Time to fix the “assumed vulnerability risk” backlog
One thing is clear that current defensive approaches are no longer sustainable with this new AI adversary landscape. Endpoint vulnerabilities are a ticking time bomb waiting to explode when AI attackers exploit known vulnerabilities from the pile of “assumed risk” debt.
Vulnerability management is one of the most basic preventative measures, but traditionally one of the hardest to enforce. It's constant ping-pong between different teams – GRC, Vuln Management, App Security, Enterprise Security, Corporate Security, IT and the workforce always chasing down process gaps and delays.
We've seen a lot of positive evidence that non-threatening, personalized and engaging outreach to employees does move the needle - way more than decades of traditional approaches of escalating and scolding has.
Anthropic has described only the first known case, but security teams are now acknowledging they cannot operate this way of “compartmentalizing risk” anymore. The AI adversary landscape has changed it for them, because they know in today's world this is not an “if” but “when”.
It's why security teams now nod their heads that this “last mile of work” really matters. Now it's time for this last mile to be fixed, but this time it's important. And this time, there is a real solution – where AI can empower employees to quickly turn awareness into action.
