Last month at the Hive, Bugcrowd hosted a live panel where I spoke with our Director of Red Team Operations, Alistair G. We came together to tackle a question that is rapidly becoming one of the most pressing in enterprise security: In a world flooded with AI-generated vulnerability reports, which findings actually matter?

“AI slop” is a term that originally described low-quality, AI-generated content, but in security, it refers to the wave of AI-generated vulnerability submissions hitting bug bounty platforms, many of which are hallucinated or low-value. 

However, not everything happening in the wave of AI is slop. There is a genuine signal in that pile. Once you’ve filtered out the false positives, you’re left with a vastly larger volume of true positives than the security industry has ever had to handle before. 

The problem? There are 10x more valid vulnerability findings, driven by AI-assisted discovery, with remediation cycles largely unchanged. The answer? Context. Not every true positive carries equal weight. The question isn’t whether a finding is real. It’s whether an attacker can use it to reach your crown jewels. 

The volume problem

Any CISO who has stared at a vulnerability management dashboard knows the feeling of seeing thousands of findings, most of which are never actioned. With AI, that pile is growing faster than patching cycles can shrink it. AI has increased the magnitude of the problem. 

Most organizations aren’t structured for the rapid response speed that this new reality demands. I predict the volume of valid findings will only increase as AI tooling becomes more capable and more widely available to both defenders and attackers. 

Where attackers fit in

And speaking of the attackers, how does this apply to them? During the session, Alistair offered his view from the red team trenches. Historically, red team operations required specialists: people dedicated to reconnaissance, initial access, command-and-control infrastructure, and lateral movement. Today, a single skilled red teamer can query an LLM to cover ground that previously required an entire team.

But the augmentation is not evenly distributed. AI is having its biggest impact at the front end of the attack chain, such as external reconnaissance, attack surface enumeration, CVE identification, and external web application vulnerability discovery. 

Internal tradecraft, post-exploitation, and living-off-the-land techniques remain largely human-driven, drawing on an ever-expanding corpus of knowledge but not yet meaningfully augmented by AI in practice.

This is also why AI-generated vulnerability reports cluster in the external web app and bug bounty space: that’s where the tooling is currently being applied at scale.

The four tiers of findings

In the session, Alistair and I covered four tiers that shape attacker decision-making. They are:

  1. Direct exploits with an immediate path to crown jewels
  2. Chainable lower-priority findings that combine to reach high-value targets
  3. Situational awareness data (people, tech, process, data intel)
  4. Informational findings that enrich the attacker’s operational picture

Even low-priority informational findings have value for an attacker building situational awareness. It’s key to think about everything in context. A customer only really cares when you show them the full attack path to an asset, and how it’s reachable in the context of their organization. 

Turning volume into prioritized action

So how do you take a growing mountain of valid, AI-assisted vulnerability findings and turn it into a prioritized remediation queue? I recommend taking a layered approach. 

  1. Invest in automated remediation and auto-patching: Pair this with automated detection engineering: when a new technique appears in threat intelligence, generate the detection query, cost it against your data volume, and push it into your SIEM automatically.
  2. Apply the frameworks you know and love: MITRE ATT&CK, MITRE D3FEND, NIST’s identify-protect-detect-respond-recover cycle—You’ve known about these frameworks for years, but it’s time to look at them with renewed urgency. Hardening, least privilege, and zero trust aren’t new ideas, but they dramatically reduce the blast radius when vulnerabilities do exist. Cloud deployments still routinely fail basic hardening checks, turning minor vulnerabilities into trivial privilege escalation paths.
  3. Apply human attacker context on top of the machine-generated volume: Once false positives are removed and findings are deduplicated, use red team intelligence, purple team exercises, threat intelligence, and genuine threat modeling to reorder the remediation queue. Not by CVSS. By the answer to a single question: which of these findings is most likely to be used by a real attacker to reach my actual crown jewels?

Watch the full session

AI-generated vulnerability discovery is not a false alarm. The signal is real and attackers are already using these tools. The answer isn’t to dismiss the flood of findings; it’s to build the contextual infrastructure to prioritize them intelligently. That means knowing where your crown jewels actually are, modeling threats across your entire organization, and layering human red team judgment on top of the machine-generated volume.

Check out the full 20-minute session, where we discuss these principles in more detail. It also includes audience Q&A and one of my favorite stories behind an SQL database breach.