The Problem in One Uncomfortable Statistic

Cogent’s own research analyzed 69,159 CVEs and found that the average time from public disclosure to a working exploit collapsed from 125.3 days in January 2025 to 0.5 days by April 2026.
That’s not a trend. That’s a category shift. And it makes the traditional scanner-and-patch workflow look less like a security strategy and more like a polite suggestion.
The same report found that 62% of critical vulnerabilities with known exploits had a working exploit circulating before scanner detection signatures even shipped. Tenable, Qualys, and Rapid7 — the incumbents — showed median detection lags of 0.1, 2.9, and 5.1 days respectively. Meanwhile, 54% of CVEs published since January 2025 had no detection signature from any of the three.
Signatures chasing exploits. Defenders chasing signatures. You see the problem.
What Cogent Actually Launched
Two new platform capabilities, both aimed at collapsing the gap between disclosure and confirmed fix.
Zero Day Response

This one doesn’t wait for scanner signatures. It ingests intelligence from formal CVE advisories, pre-CVE disclosures, and supply chain alerts — then immediately cross-references findings against a customer’s complete software inventory.
Crucially, each finding is scored against that customer’s specific environment, not a generic severity rating. A critical CVE in software you don’t run is noise. A medium CVE in your most exposed production service is a fire. Cogent’s agents triage accordingly, automatically, as signals arrive.
Autonomous Remediation

Once exposure is confirmed, this feature builds a fix plan per affected asset — not a blanket patch recommendation, but a targeted response based on what will resolve the risk fastest for that specific system.
Before anything executes, the system runs a preflight check: reboot requirements, downtime risk, business impact. Customers control how much autonomy the agents get — full human approval for critical production, fully autonomous execution in lower environments. And remediation isn’t marked complete until an independent verification confirms the fix actually worked.
The combined result, per Cogent: a vendor advisory published at 2 a.m. can trigger asset identification, risk scoring, and remediation deployment before the security team’s morning standup.
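To make the workflow described above concrete, here is a small Python model of it. This is an added example, not Cogent's code and not a description of how its platform is implemented: it matches a constructed advisory against a constructed inventory with a numeric version comparison, rescales the vendor's generic severity by each asset's own exposure and environment, builds a per-asset fix plan with a preflight check and an autonomy policy, and only marks a fix complete after re-running the matcher against the asset. The product name, version numbers, scoring factors, reboot rule and policy values are all assumptions made for illustration.

```python
# Added example, not Cogent's code. Models the pipeline the text describes:
# (1) match an advisory against a software inventory (numeric version compare),
# (2) score each hit against the asset's own exposure and environment,
# (3) build a per-asset fix plan with a preflight check and an autonomy policy,
# (4) mark the fix complete only after an independent re-check confirms it.
# Every advisory, host, version, factor and policy value below is constructed.
from dataclasses import dataclass, field


def parse_version(v: str) -> tuple[int, ...]:
    """'2.4.9' -> (2, 4, 9): compare numerically, because as strings
    '2.4.9' > '2.4.12', which would silently miss affected hosts."""
    return tuple(int(p) for p in v.split("."))


@dataclass
class Advisory:
    cve: str                 # placeholder identifier, not a real CVE
    product: str
    affected_below: str      # every installed version strictly below this is vulnerable
    fixed_in: str            # version the fix plan upgrades to
    vendor_severity: str     # generic rating: critical / high / medium / low


@dataclass
class Asset:
    host: str
    environment: str         # "prod" or "dev"
    internet_exposed: bool
    packages: dict[str, str]                        # product -> installed version
    pinned: set[str] = field(default_factory=set)   # packages the upgrade step may not change


# The vendor rating is only a starting point; the asset's context rescales it.
BASE_SCORE = {"critical": 9.0, "high": 7.0, "medium": 5.0, "low": 2.0}
EXPOSURE_FACTOR = {True: 1.0, False: 0.4}
ENVIRONMENT_FACTOR = {"prod": 1.0, "dev": 0.3}
REBOOT_REQUIRED = {"exampletls"}                         # constructed preflight rule
AUTONOMY = {"prod": "require_approval", "dev": "auto"}  # constructed policy


def is_affected(advisory: Advisory, asset: Asset) -> bool:
    installed = asset.packages.get(advisory.product)
    return installed is not None and parse_version(installed) < parse_version(advisory.affected_below)


def environment_score(advisory: Advisory, asset: Asset) -> float:
    return round(BASE_SCORE[advisory.vendor_severity]
                 * EXPOSURE_FACTOR[asset.internet_exposed]
                 * ENVIRONMENT_FACTOR[asset.environment], 2)


def triage(advisory: Advisory, inventory: list[Asset]) -> list[tuple[Asset, float]]:
    """Affected assets only, highest environment-specific score first."""
    hits = [(a, environment_score(advisory, a)) for a in inventory if is_affected(advisory, a)]
    return sorted(hits, key=lambda h: h[1], reverse=True)


def preflight(advisory: Advisory, asset: Asset) -> dict:
    reboot = advisory.product in REBOOT_REQUIRED
    return {"reboot": reboot, "downtime_risk": reboot and asset.internet_exposed}


def apply_upgrade(advisory: Advisory, asset: Asset) -> None:
    """Simulated package upgrade. A pinned package is left untouched, as a real
    package manager would refuse to change it; verification must catch that."""
    if advisory.product not in asset.pinned:
        asset.packages[advisory.product] = advisory.fixed_in


def remediate(advisory: Advisory, asset: Asset) -> dict:
    plan = {"host": asset.host,
            "action": f"upgrade {advisory.product} to {advisory.fixed_in}",
            "preflight": preflight(advisory, asset),
            "mode": AUTONOMY[asset.environment]}
    if plan["mode"] != "auto":
        plan["status"] = "awaiting_approval"       # production: a human signs off first
        return plan
    apply_upgrade(advisory, asset)
    # Independent check: re-run the matcher rather than trusting the upgrade step.
    plan["status"] = "verified" if not is_affected(advisory, asset) else "failed_verification"
    return plan


def run(advisory: Advisory, inventory: list[Asset]) -> list[dict]:
    return [dict(remediate(advisory, asset), score=score)
            for asset, score in triage(advisory, inventory)]


# Constructed advisory and inventory (fictional product, placeholder CVE id).
ADVISORY = Advisory("CVE-0000-00000", "exampletls", affected_below="2.4.12",
                    fixed_in="2.4.12", vendor_severity="medium")
INVENTORY = [
    Asset("web-edge-01", "prod", True, {"exampletls": "2.4.9", "nginx": "1.25.3"}),
    Asset("batch-dev-07", "dev", False, {"exampletls": "2.4.3"}),
    Asset("ci-dev-02", "dev", True, {"exampletls": "2.4.11"}, pinned={"exampletls"}),
    Asset("db-prod-03", "prod", False, {"postgresql": "16.2"}),  # does not run it: noise
]

if __name__ == "__main__":
    for plan in run(ADVISORY, INVENTORY):
        print(plan)
```

Running it ranks the exposed production host first even though the advisory is only "medium", leaves that host waiting for approval, auto-upgrades the internal dev host and verifies it, and reports the pinned dev host as failed verification rather than done. The last case is the point of the independent check: an agent that trusted its own upgrade step would have closed that finding.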
The Numbers Behind the Claim

Cogent says Fortune 500 customers running the platform have reduced mean time to remediate critical vulnerabilities by 97%.
That’s a bold number. But when your baseline is a 60-day remediation cycle against exploits that now weaponize in under a day, compressing to hours isn’t just impressive — it’s the minimum viable response.
CEO Vineet Edupuganti put it plainly: “When a new CVE can be weaponized in hours, a four-day detection cycle and a 60-day remediation cycle carry a different kind of risk than they did two years ago.”
Hard to argue with that framing.
Who This Is For

Enterprise security teams running vulnerability management programs at scale — particularly those already drowning in CVE volume and scanner alert fatigue. If your team is manually triaging thousands of findings and scheduling patches in quarterly cycles, Cogent is pitching a fundamentally different operating model.
It’s also clearly aimed at organizations where the cost of a zero-day breach outweighs the discomfort of giving AI agents more autonomous control over remediation. That’s a cultural shift as much as a technical one, and Cogent’s policy controls seem designed to ease teams into it rather than force a leap.
The Backing
Founded in 2025, Cogent has raised $53 million total — including a $42 million round in February — backed by Bain Capital Ventures, Greylock Partners, and Definition Capital. Executives from OpenAI, Abnormal Security, and Datadog are also investors.
For a one-year-old company, that’s a serious vote of confidence from people who understand both the AI stack and the security market.
The Takeaway

Cogent Security isn’t selling faster scanners. It’s selling a different premise entirely: that autonomous agents, not human-paced workflows, are the only realistic match for AI-assisted attackers operating at machine speed.
Whether enterprises are ready to hand that level of autonomy to an AI agent is the real question. But given that exploits now outrun signatures by default, the more uncomfortable question might be: what’s the alternative?