What 550 Security Leaders Just Told Us about the Age of AI, and Why Preemptive Digital Risk Protection Can’t Wait

Share On Facebook
Share On Twitter
Share On Linkedin

The attack surface isn’t just expanding. It’s outrunning the security models built to defend it. That’s the clearest takeaway from Securing the Expanding Attack Surface in the Age of AI, a new Infoblox research report based on a global survey of 550 cybersecurity professionals across 10 countries and six critical industries.

The data will feel familiar to anyone inside a security organization right now: more exposure, more AI-driven attacks, more tooling and still not enough real risk reduction. Security leaders are no longer debating whether to shift toward preemptive, intelligence-driven security; they’re doing it, and they’re looking for solutions that can disrupt threats before they reach users, customers and brands, especially the ones that originate outside the enterprise perimeter. This is exactly the problem Infoblox acquired Axur to solve, and why we’re scaling Axur’s proven capabilities globally as Digital Risk Protection Services (DRPS), part of Infoblox Exposure Management.

The Signals Are Hard to Ignore

A few numbers from the report stand out for how they connect:

  • 96% of organizations report challenges managing threat exposure as cloud, software as a service (SaaS), IoT/OT and shadow IT grow faster than teams can inventory.
  • 87% have already experienced adversarial AI-driven attacks, most commonly AI-driven phishing (61%) and AI-crafted malware (51%).
  • 43% now rank deepfakes and AI-generated phishing as their top threat concern, surpassing ransomware (29%).
  • More than half prioritize phishing infrastructure takedown and credential leak detection as their most critical digital risk protection use cases.
  • 67% cite poor DNS hygiene as an exposure concern, and 88% report additional exposure concerns tied to misconfigured or unmanaged DNS.
  • 82% have increased their use of preemptive security tools year over year.

The biggest challenge isn’t finding vulnerabilities. It’s knowing which ones are actually exploitable in the real world (34%), compounded by budget constraints (29%), fragmented tooling (28%) and gaps in intelligence, skills and tooling that leave over half of teams overwhelmed by the pace of AI-driven threats. Meanwhile, attackers have industrialized everything outside the perimeter, standing up convincing phishing, fake apps and impersonation campaigns faster than manual defenses can respond. Organizations don’t need more alerts about external threats. They need those threats disrupted before they reach their users and customers.

Preemptive Security Is Becoming the Operating Model

Security leaders are moving decisively toward preemptive, intelligence-driven approaches. Prevention (43%) and predictive threat intelligence (39%) lead the list of most appealing preemptive concepts, with AI-assisted security operations (36%) close behind. Organizations expect preemptive tools to account for 49% of their security tool mix over the next 12 months, up an average of 12% year over year, and they want those tools to plug into workflows they already run, with security information and event management (SIEM)/security orchestration, automation and response (SOAR) integration (32%) and executive-friendly reporting (30%) ranked as the highest-value additions to digital risk and exposure management solutions.

Why We Acquired Axur, and Why Now

When a market tells you that damaging attacks begin outside the enterprise, that AI has made them faster and more convincing, and that perimeter controls aren’t built to disrupt the infrastructure that creates them, you have two choices: wait or accelerate. We accelerated.

Axur was purpose-built for this problem, continuously discovering brand abuse, phishing infrastructure, impersonation, fraud and credential exposure across the open web, social, ads, app stores, marketplaces and the deep and dark web, then automating evidence-backed takedowns end to end. The metrics tell the story: sub-four-minute first notifications to internet service providers after a threat is detected, nine-hour median takedown times after those notifications are sent, a 98.9% success rate in removing attacks permanently, 86% of takedowns automated with no human involvement required and 15-day stay-down monitoring to prevent reappearance.

For the full acquisition rationale and the “better together” vision, see Scott Harrell’s Why the Axur Acquisition Marks a Turning Point for Preemptive Security and Mukesh Gupta’s deep dive on turning external risk into protection at scale.

How Digital Risk Protection Services Maps to What the Research Says Teams Need

The survey is, in many ways, a blueprint for what Digital Risk Protection Services, the first offering within Infoblox Exposure Management, is designed to do.

  • On the top digital risk priorities, such as phishing takedown, credential leak detection and AI-evasive impersonation: Digital Risk Protection Services continuously discovers external threats, validates real abuse with multi-modal AI that catches impersonation keyword- and domain-similarity tools miss, and automates takedowns across web, social, ads, apps and the deep and dark web.
  • On DNS hygiene and the compressed window between exposure and impact: Paired with Protective DNS, part of Infoblox Threat Defense™, Digital Risk Protection Services delivers “instant block + fast takedown,” a combination no one else brings to market, so managed users are protected in minutes while attacker infrastructure is removed, and DNS intelligence expands visibility into the related infrastructure behind each discovered threat.
  • On integration, reporting and measurable outcomes: Digital Risk Protection Services plugs into existing SIEM/SOAR and incident workflows with proof-rich evidence and audit-ready reporting, and it extends into a broader exposure management strategy with External Attack Surface Management (EASM) and Cyber Asset Attack Surface Management (CAASM) as the next phases.

The Takeaway for Security Leaders

The expanding attack surface, the normalization of AI-driven attacks, the persistent gap between vulnerability data and real-world exploitability, and the sharp move toward preemptive control all point in the same direction: the programs that succeed will be the ones that disrupt external threats earlier, enforce protection immediately and prove real risk reduction. That’s exactly what Digital Risk Protection Services is built to deliver at global scale.

Download the Securing the Expanding Attack Surface in the Age of AI report for the full findings, then talk to us about how Digital Risk Protection Services can help you act on what the research tells you.

Labels:

Daniel Brody

Senior Product Marketing Manager, Infoblox

Daniel Brody is a Senior Product Marketing Manager at Infoblox, where he leads messaging and go-to-market motions for Continuous Threat Exposure Management (CTEM) and external threat and digital risk protection. He focuses on translating exposure intelligence, threat research, and preemptive security controls into clear positioning that helps organizations reduce risk before impact. Daniel has over a decade of experience in cybersecurity and technology marketing, with prior roles spanning product marketing, content strategy, and communications. He has worked with security-focused startups including Cynerio (acquired by Axonius), Illusive (acquired by Proofpoint), and other high-growth technology companies, supporting solutions across threat detection, infrastructure security, and emerging risk domains.

View All Posts

You might also be interested in

You might also be interested in

×