IBM has launched two cybersecurity offerings aimed at enterprise threats linked to frontier AI models, including a readiness assessment and a multi-agent service called IBM Autonomous Security.
The announcement describes the shift as an operational problem where AI-assisted attacks can move faster than security programs built on fragmented tools and manual workflows can respond.
The first offering, IBM’s Enterprise Cybersecurity Assessment for Frontier Model Threats, is aimed at identifying security gaps, policy weaknesses, AI-specific exposures and potential exploit paths. IBM said the assessment also provides prioritized mitigation guidance, including interim safeguards where no immediate software fix exists.
The second is IBM Autonomous Security, which it claims to bring together interoperable, vendor-agnostic digital workers that operate across an organization’s security stack.
The service uses coordinated AI agents to analyze software exposures and runtime environments, enforce security policies, detect anomalies and contain threats with minimal human intervention, while feeding insights into governance and risk systems.
Defense at machine speed
IBM’s 2026 X-Force Threat Intelligence Index reported a 44% year-over-year increase in exploitation of public-facing software or system applications, while 56% of disclosed vulnerabilities did not require authentication to exploit. IBM also observed 300,000 AI chatbot credentials for sale on the dark web.
Google Cloud’s RSAC security briefing and Mandiant’s M-Trends 2026 report described a similar compression in attack tempo.
Google said AI agents are already helping adversaries accelerate intrusions, including automated scanning of stolen data for hard-coded keys and access tokens, while Mandiant said hand-off times between threat groups fell from more than eight hours in 2022 to 22 seconds in 2025.
Defining the limits of autonomous threats
The International AI Safety Report 2026 gives the automation argument a useful boundary. It found that AI systems are automating more parts of cyberattacks and that cyber capabilities have improved across several domains in research settings.
It also said fully autonomous end-to-end attacks have not been reported, which keeps the current enterprise risk framed around acceleration and partial automation rather than proven, fully autonomous attack chains.
Securing the new agentic workflow
The enterprise side of the problem is also changing. OWASP’s AI Agent Security Cheat Sheet lists agent-specific risks including prompt injection, tool abuse, privilege escalation, data exfiltration, memory poisoning, goal hijacking, excessive autonomy, cascading failures and supply chain attacks.
These risks attach to systems that can reason, plan, use tools, maintain memory and take actions, rather than only generate text for a human reviewer.
That exposure is expanding as agents move into business workflows. KPMG’s Q1 2026 AI Pulse reported that more than half of organizations are actively deploying AI agents, with agents increasingly coordinating work across functions by automating workflows, routing information and supporting joint decision-making. The same survey said cybersecurity was among the top planned AI investment categories for organizations spending $10 million to $49 million.
Navigating a crowded vendor landscape
IBM is not alone: Microsoft’s March RSAC security update detailed Security Copilot agents for alert triage and conditional access optimization. Palo Alto Networks is promoting Cortex AgentiX as a platform to build, deploy and govern security agents and CrowdStrike introduced Charlotte AI AgentWorks with partners including Accenture, AWS, Anthropic, Deloitte, Kroll, NVIDIA, OpenAI, Salesforce and Telefónica Tech.
IBM’s distinction is the consulting-led route into that market. The assessment is delivered through IBM Consulting and its technology partners, while Autonomous Security is positioned as vendor-agnostic rather than tied only to IBM tools.