Insight · Issue 4 · 1 June 2026

The Zero Day Clock: a verification crisis, not a vulnerability crisis.

Median time-to-exploit has collapsed from 771 days to 4 hours. CrowdStrike's Five Steps are necessary but not sufficient. What the data actually says — and what an Australian board should do this quarter.

By Kelvin Zhou · Founder, Parade Warrior · Sydney · 1 June 2026 · ~7 min read

TL;DR

In May 2026, CrowdStrike published Five Steps for Frontier AI Security Readiness — a confident, vendor-shaped argument that defenders must shift from vulnerability management to exposure management. The diagnosis is correct. The framing is incomplete.

The live dataset behind Sergej Epp's Zero Day Clock — 3,500-plus confirmed CVE-exploit pairs drawn from CISA KEV, VulnCheck KEV and VulnCheck XDB — shows the median time from disclosure to first observed exploit has collapsed from 771 days in 2018 to 4 hours in 2024, and that by 2025 the majority of exploited vulnerabilities were weaponised before they were ever publicly disclosed.

That is not a trend curve. It is an exponential decay, and it points to something CrowdStrike's white paper cannot quite say out loud: the entire coordinated disclosure model has inverted, and the constraint on defenders is no longer detection — it is verification.

1. What the data actually says

Four numbers, and you have the thesis.

Median Time-to-Exploit (TTE)
771 days in 2018. 84 days in 2021. 6 days in 2023. 4 hours in 2024. By 2025–H1 2026 the median TTE is negative — most exploited vulnerabilities are weaponised before the CVE is public.
Zero-day rate
Share of exploited CVEs where exploitation occurred on or before disclosure rose from 16.1% in 2018 to 67.2% in 2026. Two-thirds of real-world exploitation now happens outside the window the disclosure system was designed to cover.
Disclosure inversion
Palo Alto Unit 42 found 80% of public exploits appear before the official advisory — on average 23 days before. The system designed to warn defenders has become a post-mortem trigger.
The exploit survival curve
Year-by-year cohorts of eventually-exploited CVEs are collapsing leftward. The 30-day patch SLA is now mathematically below 50% effectiveness against a 2024 cohort. The 7-day SLA is the new floor; the 24-hour SLA is the new ceiling.
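The arithmetic behind the four numbers above, as an added illustration that is not part of the original issue and does not use the Zero Day Clock dataset: median TTE, the zero-day rate (TTE ≤ 0) and patch-SLA effectiveness read directly off the survival curve, run over a small constructed cohort with hypothetical labels. The 72-hour, 7-day and 30-day horizons are the ones the issue discusses.

```python
from datetime import datetime, timedelta
from statistics import median

# Constructed sample cohort (an assumption for illustration, not Zero Day Clock
# data). Each row: (hypothetical label, public disclosure, first confirmed
# in-the-wild exploitation).
COHORT = [
    ("sample-1", datetime(2024, 1, 10), datetime(2024, 1, 3)),     # 7 days before disclosure
    ("sample-2", datetime(2024, 2, 14), datetime(2024, 2, 14)),    # same moment: TTE 0
    ("sample-3", datetime(2024, 3, 1), datetime(2024, 3, 1, 4)),   # +4 hours
    ("sample-4", datetime(2024, 4, 20), datetime(2024, 4, 23)),    # +72 hours exactly
    ("sample-5", datetime(2024, 5, 20), datetime(2024, 5, 4)),     # 16 days before disclosure
    ("sample-6", datetime(2024, 6, 1), datetime(2024, 6, 6)),      # +5 days
    ("sample-7", datetime(2024, 7, 1), datetime(2024, 7, 21)),     # +20 days
    ("sample-8", datetime(2024, 8, 1), datetime(2024, 10, 30)),    # +90 days
]

HOUR = timedelta(hours=1)


def tte_hours(disclosed, exploited):
    """Time-to-Exploit in hours; zero or negative means weaponised before disclosure."""
    return (exploited - disclosed) / HOUR


def cohort_ttes(cohort):
    return [tte_hours(disclosed, exploited) for _, disclosed, exploited in cohort]


def median_tte_hours(cohort):
    return median(cohort_ttes(cohort))


def zero_day_rate(cohort):
    """Share of exploited CVEs with TTE <= 0 (the issue's 'zero-day rate')."""
    ttes = cohort_ttes(cohort)
    return sum(1 for t in ttes if t <= 0) / len(ttes)


def sla_effectiveness(cohort, sla_hours):
    """Survival fraction S(sla) = P(TTE > sla): the share of the cohort a patch
    deployed exactly at the SLA deadline would still have pre-empted. A TTE
    equal to the deadline counts as lost, since patch and exploit coincide."""
    ttes = cohort_ttes(cohort)
    return sum(1 for t in ttes if t > sla_hours) / len(ttes)


def survival_curve(cohort, horizons_hours=(72, 7 * 24, 30 * 24)):
    """Points on the exploit survival curve at the given SLA horizons."""
    return {h: sla_effectiveness(cohort, h) for h in horizons_hours}
```

On this cohort the 30-day SLA protects one in eight exploited CVEs; the same functions run unchanged over a real CVE-exploit pair feed once the two timestamps per row are available.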

CrowdStrike's own numbers sit cleanly inside this picture: an 89% year-over-year increase in AI-enabled adversary activity in 2025 and a 42% increase in pre-disclosure zero-day exploitation. The vendor's framing is correct; the Zero Day Clock simply provides the longitudinal evidence.

2. The structural argument CrowdStrike will not quite make

CrowdStrike's white paper recommends five disciplines: measure exploitability, continuously validate exposure, design for prevention and identity control, operate at machine speed, and apply AI deliberately. These are sensible. They are also vendor-shaped — each maps cleanly to a Falcon platform capability, and each presumes the underlying disclosure-and-patch model is salvageable with better telemetry.

The Zero Day Clock's Collapse timeline makes a more uncomfortable argument: the model is not salvageable, because it was never structurally sound. Three references on that wall matter most.

  • Ross Anderson, 2001 — Why Information Security is Hard. Insecurity is an economic externality. The people who ship insecure software do not pay when it is exploited. Twenty-five years on, that incentive is unchanged.
  • Halvar Flake (Thomas Dullien), 2004 — BinDiff. Every security patch is also an exploit blueprint. AI now reads that blueprint in minutes. The patch is the advisory.
  • Sergej Epp, 2025 — Verifier's Law. AI capability scales with the cheapness of verification. Offence has the cheapest verifier in cybersecurity: did the exploit succeed? — instant, binary, free. Defence has the most expensive: is this alert real? is this system secure? — ambiguous, slow, noisy.

Put these three together and the conclusion is uncomfortable for vendors and customers alike. The widening offence/defence gap is not a function of who deploys AI fastest. It is a function of which side has the cheaper feedback loop. Today, and for the foreseeable future, that is the attacker. Adkins and Evron put it bluntly in mid-2025: "the attackers' AI singularity has arrived. Ours has not yet begun."

3. What the Five Steps white paper leaves out

Three things, and they are the three most important.

3.1 CVE-centric defence is already incomplete

Less than 2% of all published CVEs are ever exploited. Most successful breaches exploit non-CVE exposures — misconfigured cloud services, leaked credentials, exposed databases, authentication weaknesses — that persist for months or years. The exposure-management pivot acknowledges this in principle, but the white paper still anchors on CVE-driven patch pressure. The honest framing: the CVE is now a lagging indicator of risk, not a leading one.

3.2 Disposable beats patchable

The Zero Day Clock's Call to Action surfaces Sounil Yu's DIE Triad — Distributed, Immutable, Ephemeral — as the architectural response to a sub-24-hour TTE. Heather Adkins describes Google's operating reality plainly: "any machine should be rebuildable in a couple of hours." If the median exploit arrives in four hours and the median patch deploys in twenty days, the only viable strategy is to remove the surface, not to harden it. Immutable infrastructure, ephemeral workloads and short-lived credentials are not optimisations — they are the new baseline.

3.3 The supply chain has industrialised on the offence side

Sean Heelan demonstrated 40+ working exploits for a single flaw generated for ~$50 of compute. Dinkin and Kraft ran AI agent swarms against Windows kernel drivers and produced 100+ exploitable vulnerabilities across AMD, Intel, NVIDIA, Dell, Lenovo and IBM in 30 days for $600 total — $4 per bug. In February 2026, Anthropic's Frontier Red Team reported Claude finding 500-plus high-severity vulnerabilities in widely used open-source software, with an explicit warning that the 90-day coordinated disclosure model may not survive. The white paper acknowledges a coming surge of fixes; it understates how decisively that surge has already begun on the offensive side. See also our prior issue on the Mythos / Apple M5 walk-through.

4. Why this is an Australian board issue, not an IT issue

Three implications worth surfacing in the next quarterly board pack — with Australian regulators now explicitly signalling urgency over certainty.

First, the threat model has shifted from skill to compute budget. Heelan's framing — "the limiting factor on a state's ability to develop exploits will be token throughput, not the number of hackers they employ" — applies equally to mid-market criminal economics. When per-exploit cost is in single-digit dollars, no organisation is too small to clear ROI. ASIC's 8 May 2026 letter to licensees and directors said the quiet part out loud: do not wait for perfect clarity on frontier AI risk; act now, with discipline, and focus on the cyber resilience fundamentals that underpin the business. Read it as a board instruction, not a technical suggestion.

Second, every vulnerability scoring framework your team uses is now a post-mortem instrument. As Manish Bhatt (Amazon Leo) put it among the Zero Day Clock signatories: "every vulnerability scoring framework assumes defenders have time to prioritise. When exploitation is instant, scoring becomes a post-mortem exercise." If your security program reports CVSS-weighted backlog burn-down to the board, you are reporting against a metric the threat model has obsoleted. For Australian entities this lands inside the existing expectations stack: APRA CPS 234 (capability and assurance), the ASX Corporate Governance Principles' risk oversight duties, and — for Commonwealth-adjacent organisations — ASD Essential Eight maturity as a minimum baseline. None were drafted for four-hour median TTE, but all implicitly require a program that can demonstrate effective, timely risk treatment. See ASD's frontier AI guidance, decoded.

Third, the regulatory environment is structurally lagging — and that lag is now a competitive and liability risk. EU AI Act human-in-the-loop requirements, DORA's audit cadence and NIS2 compliance layers were drafted for human-speed threats. Rob T. Lee (SANS) is right: "defenders have the same tools. Better tools, in most cases. But we're the only ones filling out forms first." Australia's Voluntary AI Safety Standard and the ISO/IEC 42001 conversation will only help if interpreted as operating-model change — verification speed, rebuildability, automated control evidence — not a new layer of paperwork.

The practical Australian framing: regulators are not asking you to predict every AI-enabled exploit path. They are asking you to show — continuously — that you can verify what is exposed, prove controls are working, and recover faster than the attacker supply chain can industrialise.

5. What to do this quarter

Four moves, sequenced for an organisation that already has a working security program.

1. Replace CVSS-as-priority with exploitability-as-priority
Stop reporting patch backlog. Start reporting exploitable, reachable, identity-relevant exposures. The Zero Day Clock Explorer view and VulnCheck's KEV feed are the new minimum bar.
2. Audit your patch-to-exploit window honestly
If median time-to-deploy is more than 72 hours for internet-facing assets, you are operating outside the curve. Either compress the deploy cycle or remove the asset.
3. Adopt a DIE-first posture for new workloads
Every new system commissioned this quarter should be immutable and rebuildable in under two hours. Treat patchability as a legacy constraint, not a design goal.
4. Govern your own AI offence/defence parity
Document which side of the verification asymmetry your AI investments sit on. If they are all defensive copilots with no autonomous response authority, you are funding the slow side of Verifier's Law.

Two of these map directly into our service scope — see the Agentic Readiness Review for moves 1–2 and the Fractional CISO engagement for ongoing parity governance.

6. The honest take

CrowdStrike is correct that frontier AI is reshaping the defensive timeline. They are correct that the answer involves exploitability, validation, identity control, machine-speed response and governed AI. What the Five Steps white paper underplays — because it cannot say it without undermining its own commercial logic — is that the disclosure-and-patch model itself has inverted, and that the verification asymmetry powering the offence/defence gap is structural, not tooling-shaped.

The Zero Day Clock is not a marketing artefact. It is a longitudinal record of a 25-year-old incentive failure now compounding at machine speed. Australian boards that read it as a vendor story will buy more platform. Boards that read it as a structural and economic story will start asking harder questions: about software liability, about disposable architecture, about whose AI singularity their security program is actually betting on.

We are calling this the Verifier's Moment: the point at which the cheapness of attacker feedback became the dominant variable in cyber risk. CrowdStrike's five steps are necessary. They are not sufficient. The work this quarter is to act as though they were drafted in 2021 — because, judging by the data, they should have been.

7. Key terms

Time-to-Exploit (TTE)
The gap, in days, between CVE public disclosure and the first confirmed in-the-wild exploitation. Zero or negative TTE means weaponisation before disclosure.
Zero-day rate
The share of exploited CVEs with TTE ≤ 0. Rose from 16.1% (2018) to 67.2% (2026).
Disclosure inversion
Unit 42's finding that 80% of public exploits appear before the official advisory, on average 23 days earlier.
Verifier's Law (Epp)
AI capability scales with the cheapness of verification. Offence has the cheapest verifier in cybersecurity — did the exploit succeed? Instant, binary, free.
DIE Triad (Yu)
Distributed, Immutable, Ephemeral. An architectural alternative to patchable, long-lived systems.
Coordinated disclosure / 90-day window
The industry-standard grace period before public CVE disclosure. Anthropic's Frontier Red Team has formally warned the model may not survive AI-scale bug discovery.
Exposure management
CrowdStrike's recommended pivot from vulnerability volume to reachability, identity context and exploitability.
The Verifier's Moment
Parade Warrior's term for the structural condition underneath the Mythos moment: attacker feedback is cheap, defender feedback is not, and the resulting gap is now the dominant variable in cyber risk.

The Mythos Brief is written by Kelvin Zhou, founder of Parade Warrior. One short, opinionated piece on the AI threats actually hitting Australian businesses. No vendor pitches. No abstract think-pieces.

Issue date: 1 June 2026.

8. Sources