{"id":281501,"date":"2026-06-25T08:00:00","date_gmt":"2026-06-25T12:00:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/25\/trust-in-automated-ai-vulnerability-scanning-collapses-to-9\/"},"modified":"2026-06-25T10:45:13","modified_gmt":"2026-06-25T14:45:13","slug":"trust-in-automated-ai-vulnerability-scanning-collapses-to-9","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/25\/trust-in-automated-ai-vulnerability-scanning-collapses-to-9\/","title":{"rendered":"Trust in Automated AI Vulnerability Scanning Collapses to 9%"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/trust-ai-vulnerability-scanning\/\">Trust in Automated AI Vulnerability Scanning Collapses to 9%<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/trust-ai-vulnerability-scanning\/\">https:\/\/www.infosecurity-magazine.com\/news\/trust-ai-vulnerability-scanning\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-25 08:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>A large number of false negatives has significantly eroded confidence in automated AI testing for vulnerabilities, a new study from Cobalt has found.<\/p>\n<p>The Cobalt State of Pentesting Report 2026 is based on two comparative surveys in 2025 and 2026 of around 450 cybersecurity professionals.<\/p>\n<p>It found that the percentage of organizations relying entirely on AI automation for testing sank from 29% to 9% over the period, with nearly half (47%) of respondents now preferring a hybrid testing model.\u00a0<\/p>\n<p>Over three-quarters (78%) said fully automated scanning tools missed critical vulnerabilities.<\/p>\n<p>Read more on pen testing: AWS Unveils &#8216;Continuum,&#8217; an AI-Powered Vulnerability Management Platform<\/p>\n<p>The share of organizations now preferring a hybrid model, where humans support AI testing, surged\u00a022 percentage points in a year. The percentage of organizations using automation for low-risk environments also rose 22 points to 47%.<\/p>\n<p>\u201cWhile the industry is rightfully excited about the potential of Mythos-class tools, unguided algorithms are inherently prone to returning even more false positives and costly false negatives than the automated scanners we have today,\u201d said Andrew Obadiaru, CISO of\u00a0Cobalt.<\/p>\n<h2><strong>The AI Attack Surface Expands<\/strong><\/h2>\n<p>A big reason for the decline in trust for AI automation is the complexity of the AI attack surface that these scanners are testing, noted the report.<\/p>\n<p>Nearly one-in-three findings from an AI pentest is rated high risk \u2013 2.7 times the average of conventional software, it claimed.<\/p>\n<p>At the time of analysis, less than two-fifths (38%) of LLM vulnerabilities had been fixed, while 62% remained open \u2013 the lowest resolution rate of any asset class.<\/p>\n<p>Mean time to resolve (MTTR) for AI\/LLM security issues rose from 19 days to 36 days over the period, which Cobalt claimed shows that teams are tracking \u201csignificantly harder vulnerabilities\u201d than before.\u00a0<\/p>\n<p>\u201cLLM vulnerabilities are deeply context-dependent and invisible to tools that lack an&#8230;<\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/trust-ai-vulnerability-scanning\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Trust in Automated AI Vulnerability Scanning Collapses to 9% https:\/\/www.infosecurity-magazine.com\/news\/trust-ai-vulnerability-scanning\/ Publish Date: 2026-06-25 08:00:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":281503,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/d45e7e3a-4e70-4e6a-96f1-d3353c08628e.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,17,27],"class_list":["post-281501","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-llm","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/281501"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=281501"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/281501\/revisions"}],"predecessor-version":[{"id":281504,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/281501\/revisions\/281504"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/281503"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=281501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=281501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=281501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}