There is a word that appears throughout Gartner® latest research on AI-driven cybersecurity that every cloud security leader should take seriously: weaponized.
Not “advanced.” Not “sophisticated.” Weaponized.
Gartner® June 2026 report, Build Preemptive Security to Avert Weaponized AI Risks by Emerging Tech and Trends Security Research Team. We feel it opens with a statement that leaves no room for ambiguity:
“Product leaders who neglect strategic AI security roadmaps as a key component of competitive AI race plans face imminent, career-damaging cyber incidents and crippling market share losses within the next two to four years. Bad actors are already weaponizing AI, unleashing an arsenal of unprecedented sophistication against unprepared enterprises.”
At Skyhawk Security, we have built an AI-based preemptive cloud security platform specifically designed for this reality.
You cannot wait for detections.
The speed, sophistication, and scale of AI-enabled threats have outpaced what any detection and response strategy can handle. Enterprises that continue to rely solely on detection and response tools are not just falling behind. They are facing imminent, career-damaging cyber incidents and crippling market share losses.
Gartner® says “As AI becomes weaponized against a rapidly expanding attack surface, traditional detect-and-respond security tools leave enterprises woefully at risk. Product leaders must adopt preemptive cybersecurity measures to thwart evolving AI threats or plan for ruinous business loss.”
In Skyhawk’s opinion, this is a critical distinction. Detection and response tools work by identifying threats after they have entered the environment: after an attacker has already moved, already accessed something, already created a foothold. Against AI-powered adversaries that operate at machine speed, that window between intrusion and detection is where the damage happens.
Preemptive security inverts this logic. Rather than waiting to detect an attack, it identifies the attack paths that exist in your environment right now, before any adversary has the chance to use them. This is precisely what Skyhawk’s AI-based platform does. Our adversarial AI agents continuously simulate how a real threat actor would move through your specific cloud environment, mapping IAM relationships, network topology, misconfigurations, and active vulnerabilities into a dynamic picture of exploitable risk. We find the weaponized paths before the weapons are used.
Preemptive Security Spend will be 50% of all IT Security Spending
Gartner says “By 2030, preemptive cybersecurity solutions will account for 50% of IT security spending, up from less than 5% in 2024, and replace traditional ‘stand-alone’ detection and response solutions as the preferred approach to defend against cyberthreats.”
This is a fundamental restructuring of how the industry will allocate security investment over the next four years. For cloud security leaders making platform decisions today, the question is not whether preemptive security will become the standard. In Skyhawk’s opinion, it is clear that it will. The question is whether your organization will be positioned ahead of that shift or scrambling to catch up after it.
Skyhawk has been building toward this moment since inception. Our platform is not a detection tool with preemptive features added on. Preemptive, adversarial intelligence finding weaponized risk before it is exploited is the foundational design principle of everything we build.
The Global Attack Surface is expanding at an AI-driven Pace
In Skyhawk’s opinion, one of the most important structural points is the description of the Global Attack Surface (GASG).
Gartner says “The global attack surface grid is a rapidly expanding, interconnected and complex array of attack surfaces. This includes multicloud environments, Internet of Things (IoT) smart devices, data networks and APIs, blurring the lines between internal and external assets. Emerging technologies, such as AI, intelligent simulation, autonomous vehicles, smart robots and sensing technologies, are constantly introducing new and novel attack vectors and complexities that transcend traditional cybersecurity capabilities.”
For cloud security teams, this description captures a challenge that is already felt daily: the environment never stops changing. New services are deployed, permissions are modified, configurations drift, and new CVEs are published, all of which alter the attack surface in real time. No human team can manually track every change and reassess the risk implications continuously.
This is exactly why Skyhawk’s digital twin is continuously updated. Every change to your cloud environment: a new IAM role, a new deployment, a security control update, is reflected in the simulation model, and the adversarial AI immediately recalculates which attack paths are open or closed. You always have a current, accurate picture of your weaponized risk, not a point-in-time snapshot that is stale before it is acted on.
Threat Actors are Leveraging AI. You are required to use it as well.
. The threat is not emerging, it is here. Bad actors are already weaponizing AI against enterprises that are still operating on reactive security strategies. The window for organizations to build preemptive capabilities before suffering the consequences is narrowing.
Gartner states” As the global attack surface expands exponentially, preemptive cybersecurity isn’t merely an option; it’s rapidly becoming the definitive gold standard for effective cyber defense in the AI race. This emerging set of technologies empowers organizations to deceive, deny and disrupt cyber criminals before they can initiate their objectives, moving beyond traditional detection and response to fundamentally stay ahead of emerging threats.”
In our opinion, Skyhawk Security delivers a comprehensive approach to preemptive cloud security. Our AI-based Purple Team finds the weaponized vulnerabilities in your cloud, the specific attack paths that a real adversary would use to reach your most critical assets, continuously, without disrupting production, and prioritized by actual business risk. We do not just tell you what is vulnerable. We tell you what is exploitable, what is dangerous, and what needs to be addressed first.
Where remediation is not possible, Skyhawk Security enables the AI Red Team to simulate attacks in a digital model of your cloud environment, so the SOC is pre-trained on these attacks. This enables the response to be the result of real testing and experience to stop the breach with confidence.
The Mythos and Glasswing Project Impact
Threat actors are using AI, right now, to update their code bases for when Mythos and Project Glasswing become accessible. The distraction of a high number of vulnerabilities will be a distraction for security teams presenting a tremendous opportunity for threat actors. Skyhawk Security sorts through the vulnerabilities presented to security teams to find the ones that are putting your business at risk. Learn more about Skyhawk’s Preemptive Security Platform in our latest webinar.
See it for yourself! Sign up for our free 30-day trial.
Want to go deeper? Read our differentiators whitepaper for the full picture, then book a meeting with our team to discuss your specific environment
Gartner subscribers can read the full report at https://www.gartner.com
Gartner, Build Preemptive Security to Avert Weaponized AI Risks by Emerging Tech and Trends Security Research Team published June 8, 2026.
GARTNER is a trademark of Gartner, Inc. and its affiliates.
