June 24, 2026
Zero Trust Microsegmentation for surviving the Bugpocalypse
The cybersecurity community is grappling with a challenging new macrotrend: AI-assisted vulnerability discovery is scaling faster than most organizations can remediate. If the trend continues, the industry as a whole will hit the Cloud Security Alliance’s predicted Bugpocalypse, with more vulnerabilities being discovered than we have the capacity to fix and patch.
Fortunately, the technology already exists to mitigate the risk to enterprises from this situation. A properly implemented microsegmentation solution will reduce the blast radius of any breach, constrain lateral movement, and give time to resolve the breach. Even more powerfully, microsegmentation enables virtual patching, which gives you the power to isolate vulnerable services before they can be exploited.
The real challenge is implementing your microsegmentation solution to unlock the power of virtual patching before it’s too late! Below we will explain how our Microsegmentation AI Engineer (MAIE) can unblock and accelerate microsegmentation deployments, giving you the protection you need ASAP.
The Myth of Mythos
The recent Anthropic release of Mythos was great marketing, but it obscured the engineering truth of the situation. There has been a tendency to attribute the increase in vulnerabilities to the emergence of “frontier” models capable of discovering zero-day vulnerabilities with Mythos the prime example! However, this framing is misleading.
Research such as Niels Provos’ “Finding Zero-Days with Any Model” shows that vulnerability discovery requires a combination of a frontier LLM and a suitably designed orchestration harness. This combination delivered similar results whether it used Mythos, Opus 4.6, Sonnet 4.6, or even GLM 5.1 from Z.AI, including independently rediscovering historical vulnerabilities and identifying new zero-days in real systems.
In other words, the capability is already widely available. The limiting factor is not access to restricted models like Mythos, but the application of engineering discipline to any modern AI model. That means the current surge in vulnerabilities can’t be reduced by restricting access to a single frontier model.
This is staggering. It implies that patching alone is not sufficient, and that segmentation and other compensating solutions are therefore required.
The Asymmetry Problem
The speed of vulnerability discovery by AI models creates a dangerous asymmetry.
On one side, vulnerability discovery is occurring at machine speed. Researchers and attackers alike can run multiple agents, automate testing, and discover vulnerabilities at a significantly increased rate. On the other side, remediation is still bound by human workflows: triage, validation, fixing, testing, patching.
We can see the incoming rate increase by tracking the number of CVEs published over time:
- Almost 50,000 CVEs were published in 2025, representing a 20% jump over 2024.
- And by the end of May 2026, we’ve seen 41% more CVEs published than were published in the first five months of 2025.
And this has led to issues on the remediation side:
- NIST can no longer keep up with analysing all of the incoming vulnerabilities.
- And the Google Mandiant M-Trends 2026 report estimates that the mean time to exploit a vulnerability in 2025 was 7 days before the patch was released. Compare that to 2024 when it was 1 day, or 2018 when the patch was available 68 days before the exploit.
And from analyzing the Mandiant report we can demonstrate that the situation is only going to get worse.
Mandiant M-Trends 2026 Analysis
The chart below shows how two trends have evolved over time.
- The average length of time for an enterprise to remediate a vulnerability (i.e. via patching) remains constant at 37.5 days after public disclosure of the vulnerability.
- However, the average time to exploit a vulnerability relative to public disclosure has dropped from 44 days in 2021 to less than zero today.
Read the chart in two stages:
Danger Zone Stage 1 - Exploited before patch deployed.
From mid-2021, the average time to exploit a CVE fell below the average enterprise remediation window. Attackers were moving faster than IT teams could respond. Speed of patching became the problem - but it was still a problem you could theoretically solve by patching faster.
Danger Zone Stage 2 - Exploited before patch released.
By 2024, the red line went negative. That means the average exploit was arriving before public disclosure - before a patch even existed. You cannot patch your systems when no patch is available. This is the era in which the average exploit is a zero-day, and patching faster cannot be the solution.
The take-away: The industry needed to move faster from mid-2021. By 2024, even vendors could no longer keep up. The only viable response is to assume breach and isolate vulnerable systems. That is exactly what Zero Trust microsegmentation and virtual patching give you.
Zero Trust & Microsegmentation: Designed to Assume Breach
Given the changes in the security landscape, the philosophy of Zero Trust has never been more relevant. Zero Trust assumes something that feels uncomfortable but is increasingly unavoidable: breach is inevitable. The goal is no longer to prevent every exploit, because that’s no longer achievable. The goal is to ensure that when something does go wrong, it doesn’t cascade into something far worse.
That shift in thinking matters. It moves us away from the idea of perfect defense and toward the idea of controlled impact. And the controlled impact required by Zero Trust is implemented via microsegmentation.
Microsegmentation is a key component of any Zero Trust network transformation. It divides networks into granular security zones (based on workload or applications), and enforces strict, context-aware access controls between them. This approach directly addresses the most dangerous consequence of modern vulnerabilities: lateral movement.
Once an attacker exploits a vulnerability, their goal is to move across systems, escalate privileges, and exfiltrate data. Microsegmentation disrupts this progression by default-denying east-west traffic and allowing only explicitly authorized communication, leading to the following well-known benefits:
- Reduced attack surface: Only necessary connections are permitted.
- Containment of breaches: Compromised systems are isolated from the rest of the environment.
- Improved visibility: Smaller segments make anomalous behavior easier to detect.
Virtual Patching: Closing the Gap
However, microsegmentation also enables virtual patching, a less well-reported but even more powerful control for the current environment. As we’ve noted above, the asymmetry between the number of vulnerabilities and their fixes is widening. Patches take time to develop, and then actually applying the patch to a production system takes even longer.
Virtual patching acknowledges that reality and gives you a more proactive option. Instead of waiting for the code to be fixed, and a patch to be delivered, you change the conditions around the deployed application. You restrict access to vulnerable services to isolate them if necessary. The vulnerability still exists, but it’s no longer exploitable, and therefore won’t become a breach.
In the current scenario, where backlogs grow and remediation timelines stretch, this becomes critical. Virtual patching doesn’t replace fixing the problem, but it buys you time whilst the patch is being developed and installed.
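To make the two controls above concrete, here is an added example (not code from the original post or from MAIE): a minimal label-based policy evaluator that default-denies east-west traffic, permits only explicitly allowed flows, and applies a "virtual patch" by quarantining a vulnerable workload so that only a management label can reach it until the real patch is deployed. Workload names, labels and ports are constructed for the demo.

```python
# Added example: label-based microsegmentation policy with default-deny
# east-west traffic and virtual patching via quarantine. Not from the
# original post; all workload names, labels and ports are constructed.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Flow:
    src: str    # source workload name
    dst: str    # destination workload name
    port: int   # destination TCP port


@dataclass
class Policy:
    labels: dict                                     # workload -> set of labels
    allow: list = field(default_factory=list)        # (src_label, dst_label, port)
    quarantine: dict = field(default_factory=dict)   # dst workload -> required src label

    def _has(self, workload, label):
        return label in self.labels.get(workload, set())

    def permitted(self, flow):
        """Default-deny: a flow passes only if an explicit allow rule matches.
        If the destination is virtually patched, the source must also carry
        the quarantine label (e.g. a patch-management jump host)."""
        if flow.dst in self.quarantine and not self._has(flow.src, self.quarantine[flow.dst]):
            return False
        return any(self._has(flow.src, s) and self._has(flow.dst, d) and flow.port == p
                   for s, d, p in self.allow)

    def virtual_patch(self, workload, only_from_label="mgmt"):
        """Isolate a vulnerable workload: only sources with only_from_label may
        reach it. The vulnerability still exists but is no longer reachable."""
        self.quarantine[workload] = only_from_label

    def lift_virtual_patch(self, workload):
        """Remove the quarantine once the vendor patch has actually been deployed."""
        self.quarantine.pop(workload, None)


def build_demo_policy():
    """Constructed three-tier app: web -> app -> db, plus a management jump host."""
    p = Policy(labels={"web-01": {"web"}, "app-01": {"app"},
                       "db-01": {"db"}, "jump-01": {"mgmt"}})
    p.allow += [("web", "app", 8080), ("app", "db", 5432),
                ("mgmt", "app", 22), ("mgmt", "db", 22)]
    return p
```

Because the policy is an allow-list, a web host trying to reach the database directly is denied even before any quarantine is applied; the virtual patch then narrows the database's own allowed sources to the management label only.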
The Real Barrier Has Always Been Execution
If all of this sounds familiar, it’s because none of it is entirely new. Microsegmentation has been around for years. Zero Trust isn’t a new idea. The problem has always been execution.
Designing effective segmentation policies is hard. Understanding application dependencies is hard. Rolling changes out safely without disrupting operations is hard. These projects have traditionally been slow, complex, and resource-intensive. Which is why so many organizations started them and then stalled.
That’s starting to change.
Solutions like MAIE (Microsegmentation AI Engineer) are emerging specifically to remove those barriers. Instead of relying on manual discovery and design, MAIE uses AI-assisted analysis to map dependencies, generate policies, and streamline deployment.
What used to take months of effort can now be accelerated dramatically. More importantly, it reduces the reliance on a small number of highly specialized experts, making microsegmentation something that can be delivered quickly at scale. It unblocks projects, accelerates policy creation, and ensures you get the protection you require in place before a breach occurs.
The Bottom Line
Enterprises without a fully implemented microsegmentation solution are incredibly vulnerable to the current wave of AI-assisted vulnerability exploitation. Here at Zero Trust Solutions we can help you plan & implement that solution ASAP: check out our Microsegmentation AI Engineer (MAIE) which is able to build and recommend policies for you.