Averlon today announced Precog, a predictive remediation capability that identifies exploitable risk in proposed code and infrastructure changes and delivers the fix to developers before the change reaches production. Precog addresses a widening gap: AI is accelerating both code delivery and vulnerability discovery, and security teams can no longer manage risk only after it lands in production.
The need for this shift is becoming urgent. Google Cloud’s Mandiant M-Trends 2026 report found that mean time to exploit collapsed from 63 days in 2018 to an estimated minus seven days in 2025, meaning exploitation now often begins before a patch is available. New frontier models such as Claude Mythos and GPT-5.5-Cyber are making it increasingly clear that AI will compress the time required to discover, validate, and exploit vulnerabilities. The result is a widening gap between the speed at which risk is discovered and exploited, and the speed at which security teams can triage and fix it.
The industry is converging on a new operating model: Remediation Operations, or RemOps. The premise is simple: finding risk and closing risk are different problems. Security teams do not need more alerts; they need a way to understand what is truly exploitable, prioritize by business impact, and drive safe fixes through developer workflows.
Averlon’s Remediation Operations platform addresses the full lifecycle of risk reduction: ingesting security findings, determining what is truly exploitable, prioritizing by business impact, and driving agentic remediation through developer workflows. The platform has helped customers reduce remediation time by up to 90 percent and alert noise by up to 95 percent, helping security teams move from backlogs of thousands of findings to the handful that need fixing.
With Precog, Averlon extends that model earlier in the lifecycle by preventing exploitable risk before it becomes production exposure. Unlike security scanners that flag findings based on generic severity scores, Precog evaluates whether a proposed change would actually be exploitable in the customer’s real environment, accounting for internet reachability, exposed services, and existing compensating controls. This contextual analysis means Precog surfaces the changes that genuinely create exposure, not the long tail of theoretically risky findings that wouldn’t be exploitable in production. Precog integrates into CI systems such as GitHub, evaluating proposed changes before they reach production.
When risky changes are detected, Precog identifies the issue, explains the exploitable path, and generates a remediation directly in the developer workflow. Developers receive the proposed fix at the same time they are notified of the risk, reducing friction between security review and software delivery.
Read the research and see Precog in action:
Related
This entry was posted on May 20, 2026 at 10:24 am and is filed under Commentary with tags Averlon. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Averlon Launches Precog to Stop Exploitable Risk Before It Reaches Production
Averlon today announced Precog, a predictive remediation capability that identifies exploitable risk in proposed code and infrastructure changes and delivers the fix to developers before the change reaches production. Precog addresses a widening gap: AI is accelerating both code delivery and vulnerability discovery, and security teams can no longer manage risk only after it lands in production.
The need for this shift is becoming urgent. Google Cloud’s Mandiant M-Trends 2026 report found that mean time to exploit collapsed from 63 days in 2018 to an estimated minus seven days in 2025, meaning exploitation now often begins before a patch is available. New frontier models such as Claude Mythos and GPT-5.5-Cyber are making it increasingly clear that AI will compress the time required to discover, validate, and exploit vulnerabilities. The result is a widening gap between the speed at which risk is discovered and exploited, and the speed at which security teams can triage and fix it.
The industry is converging on a new operating model: Remediation Operations, or RemOps. The premise is simple: finding risk and closing risk are different problems. Security teams do not need more alerts; they need a way to understand what is truly exploitable, prioritize by business impact, and drive safe fixes through developer workflows.
Averlon’s Remediation Operations platform addresses the full lifecycle of risk reduction: ingesting security findings, determining what is truly exploitable, prioritizing by business impact, and driving agentic remediation through developer workflows. The platform has helped customers reduce remediation time by up to 90 percent and alert noise by up to 95 percent, helping security teams move from backlogs of thousands of findings to the handful that need fixing.
With Precog, Averlon extends that model earlier in the lifecycle by preventing exploitable risk before it becomes production exposure. Unlike security scanners that flag findings based on generic severity scores, Precog evaluates whether a proposed change would actually be exploitable in the customer’s real environment, accounting for internet reachability, exposed services, and existing compensating controls. This contextual analysis means Precog surfaces the changes that genuinely create exposure, not the long tail of theoretically risky findings that wouldn’t be exploitable in production. Precog integrates into CI systems such as GitHub, evaluating proposed changes before they reach production.
When risky changes are detected, Precog identifies the issue, explains the exploitable path, and generates a remediation directly in the developer workflow. Developers receive the proposed fix at the same time they are notified of the risk, reducing friction between security review and software delivery.
Read the research and see Precog in action:
Share this:
Like this:
Related
This entry was posted on May 20, 2026 at 10:24 am and is filed under Commentary with tags Averlon. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.