Why AI Is Making Attack Surface Management Mandatory
None
<div style="padding: 56.25% 0 0 0; position: relative;"><iframe style="position: absolute; top: 0; left: 0; width: 100%; height: 100%;" title="Amit Sheps on Managing Expanding Attack Surfaces in the Age of AI" src="https://player.vimeo.com/video/1155140528?badge=0&autopause=0&player_id=0&app_id=58479" frameborder="0"></iframe></div><p><script src="https://player.vimeo.com/api/player.js"></script></p><p>Amit Sheps, head of product marketing at CyCognito, discusses the growing challenges cybersecurity teams face as artificial intelligence accelerates the expansion of enterprise attack surfaces. He explains why visibility, continuous assessment, and proactive risk management are becoming essential in an AI-driven threat landscape.</p><p data-start="447" data-end="903">Sheps argues that most teams are still stuck in “vulnerability whack-a-mole” mode, chasing long lists that do not translate cleanly into actual risk. The practical problem is not a lack of tools, but a lack of visibility and context. If you cannot reliably enumerate internet-facing assets, understand ownership, and map what is truly reachable from the outside, then prioritization becomes guesswork and remediation turns into a noisy, never-ending queue.</p><p data-start="905" data-end="1424">A major focus is how security leaders can regain control by connecting external discovery with internal systems and workflows. The goal is a unified view that ties inventory, ticketing, and exposure findings together so teams can connect the dots, reduce duplicated effort, and focus on what is exploitable and business-relevant. Sheps emphasizes validation and reachability: what can an attacker actually see, touch, and chain into an impact, not what simply appears “critical” on a scanner report.</p><p data-start="1426" data-end="1804">AI shows up in two ways. First, it expands what must be secured, with new agents, MCP-style integrations, and rapid-fire deployments creating fresh entry points. Second, it can help practitioners move faster by assisting with investigation, triage, and data processing at scale, acting like a junior analyst that surfaces initial findings and patterns across logs and telemetry.</p><p data-start="1806" data-end="2319" data-is-last-node="" data-is-only-node="">Finally, Sheps tackles the executive conversation. He recommends framing exposure management in business terms, especially through compliance drivers and measurable operational impact, such as downtime, customer disruption, and revenue loss. The takeaway is straightforward: continuous assessment and proactive risk management are becoming table stakes, and the most effective teams will be the ones that can see their environment the way an adversary does and act on the small set of exposures that truly matter.</p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2026/01/why-ai-is-making-attack-surface-management-mandatory/" data-a2a-title="Why AI Is Making Attack Surface Management Mandatory"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-is-making-attack-surface-management-mandatory%2F&linkname=Why%20AI%20Is%20Making%20Attack%20Surface%20Management%20Mandatory" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-is-making-attack-surface-management-mandatory%2F&linkname=Why%20AI%20Is%20Making%20Attack%20Surface%20Management%20Mandatory" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-is-making-attack-surface-management-mandatory%2F&linkname=Why%20AI%20Is%20Making%20Attack%20Surface%20Management%20Mandatory" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-is-making-attack-surface-management-mandatory%2F&linkname=Why%20AI%20Is%20Making%20Attack%20Surface%20Management%20Mandatory" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-is-making-attack-surface-management-mandatory%2F&linkname=Why%20AI%20Is%20Making%20Attack%20Surface%20Management%20Mandatory" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div>