The Enterprise Strategy Group report, Automating Risk Reduction in the AI Era, is based on a survey of 400 IT and security professionals at organizations with 1,000 or more employees. The survey covered topics ranging from AI and agentic AI adoption, the impact of AI usage on risk management and reduction, and AI adoption challenges, to plans for the future. We’ve highlighted five key takeaways:
#1. Adoption of AI and Agentic AI is accelerating
According to the survey, 42% of organizations have already adopted agentic AI in some areas of their vulnerability management operations, with many considering adoption soon. This means more than half of organizations are now engaged in some stage of the AI adoption curve, signaling a major shift from just hype to actual implementation. This indicates a strong interest in leveraging AI to enhance vulnerability management.
What’s driving this momentum? For many, it’s the promise of using AI not only as a passive analytical tool, but as AI agents that can analyze, make decisions, and remediate vulnerabilities in complex threat environments faster than human teams alone. Especially now that attackers are starting to use AI themselves, it’s extremely important for defenders to speed up their remediations.

#2. Measurable AI ROI in threat and exposure management
Among organizations that have implemented agentic AI in their threat and exposure management processes, the results are striking. These teams report significant improvements in both detection and remediation rates, with detection seeing the most pronounced gains.
Most notably, 65% say they’ve seen significant improvement in Mean Time to Remediation (MTTR) - a key metric for assessing how quickly vulnerabilities are identified, prioritized, and resolved. Faster remediation not only strengthens security posture but also frees up human analysts to focus on higher-value strategic work.
#3. Trust in AI still needs to grow
While the benefits of AI are clear, its implementation isn't without its own set of concerns. 40% of respondents point to difficulty validating the accuracy of AI recommendations as one of their primary concerns. This challenge highlights an underlying issue: trust. As AI systems begin to make or influence critical security decisions, organizations need clear, auditable reasoning to maintain confidence and compliance. Trust in AI decisions and AI security risks are the primary concerns about deploying agentic AI.
#4. The transparency challenge of AI
Despite these encouraging results, not every organization is ready to hand over the reins to autonomous AI. The survey found that 26% cite fear of “black box” decisions - a lack of transparency into how AI systems make their choices - as a primary barrier to broader adoption.
These findings underscore the importance of building trust and ensuring explainability in AI systems.
#5. Looking ahead: automation with oversight
Despite the hesitations, the trajectory is clear. A striking 85% of respondents say they plan to implement automated remediation within the next 12-18 months, with varying levels of human oversight. This hybrid approach - automation guided by human governance - represents the next logical step in cybersecurity’s evolution.
It’s a balance that allows organizations to reap the speed and scale benefits of agentic AI while maintaining transparency, accountability, and human control.
Conclusion
The survey results paint a picture of an industry in transition: from cautious experimentation to confident execution. Agentic AI is proving its value in improving detection and reducing response times — but trust, explainability, and validation remain critical hurdles to overcome.
The organizations that master both sides of this equation, automation and assurance, will be the ones best positioned to thrive in the next era of intelligent, adaptive cybersecurity.
Download the full report to learn:
- Biggest challenges in managing cyber risk
- AI adoption rates for each threat management function
- Main challenges of implementing AI in threat management
- Impact of AI usage in exposure management
- Agentic AI adoption for remediation
About Mondoo
Mondoo is the world’s first agentic vulnerability management platform™ that eliminates - not just categorizes - vulnerabilities. Global enterprises trust Mondoo to prioritize risks by business impact and exploitability through its patented AI-native security model that collects structured, context-aware data from the entire IT infrastructure. Mondoo’s customers have reduced vulnerabilities and policy violations by 50% and significantly reduced MTTR. With seamless ITSM integrations and transparent security pipelines, Mondoo enables autonomous remediation and continuous compliance. Mondoo bridges the gap between security and engineering - delivering intelligent recommendations and actionable insights to fix vulnerabilities that matter most to the business.


Mondoo’s agentic vulnerability management capabilities include:
Prioritization
Mondoo agents continuously detect vulnerabilities and misconfigurations in the environment, and leverage deep and wide insights to prioritize issues based on contextual risk factors, business impact, threat intelligence, and exploitability. This ensures that only truly critical issues are sent to IT Ops, reducing alert fatigue and possible friction between security and IT.
Orchestration
Mondoo agents orchestrate the entire vulnerability workflow from detection to resolution (we call this the Mondoo Flow), and automatically create tickets in ITSM systems. Agents track tickets to completion, auto-close upon verification, and reopen if drift occurs. Security and platform engineering teams can use their LLM to ask Mondoo questions to speed up tasks and reduce back and forth between teams. This reduces manual work, accelerates MTTR, and simplifies reporting and compliance.
Remediation
Mondoo agents create tickets with detailed information on the affected asset(s), as well as remediation steps and pre-tested code snippets that can instantly be applied by platform engineers. Mondoo also performs autonomous patching using the Mondoo security pipeline and pre-tested Ansible, Terraform, and Intune remediation code, with versioning and rollback. By reducing manual work and integrating into DevOps workflows, Mondoo bridges the gap between security and engineering teams, delivering security without sacrificing development speed.
To learn more about Mondoo, visit mondoo.com.