NCSC publishes ten questions to ask before using AI to find vulnerabilities

TL;DR:

• The National Cyber Security Centre has published a structured checklist of ten questions UK organisations should answer before turning AI loose on their codebases and production systems to look for vulnerabilities.
• The guidance is unusually blunt about a basic point: simply finding more vulnerabilities does not improve security, and may make it worse if there is no process to triage and fix what the model surfaces.
• Resultsense view: this is the first NCSC blog to treat AI vulnerability discovery as a board-level discipline rather than a tooling choice, and it gives UK security leaders official language to slow down boards who want to “just plug in the model”.

The guidance lands as boardroom pressure to demonstrate AI-driven security gains is intensifying — partly in response to Anthropic’s Mythos and other frontier models pitched as offensive cyber capabilities. NCSC’s intervention is to insist that organisations first answer fundamentals about purpose, process and patching capacity before granting any model access to source code, historic bug data or production environments.

What the ten questions cover

NCSC’s list spans purpose (“what are you trying to achieve?”), comparative effectiveness (“is AI the best way to improve security at all?”), vulnerability management process maturity, prioritisation, and a cluster of practical safeguards around data leakage, sandboxing, permissions, jurisdiction of hosted models, and the budgetary trap of finding far more vulnerabilities than the organisation can ever afford to fix.

The agency points out that of more than 40,000 CVEs assigned in 2025, only around 400 were tracked as actively exploited and about 40 were zero-days when first used. NCSC’s view is that prioritised patching of the small exploited subset matters far more than expanding the discovery pipeline.

Where this fits in UK policy

The guidance dovetails with the UK government’s wider AI Cyber Code of Practice work and with the AISI–industry partnerships on frontier-model evaluation. It also echoes the Bank of England’s warning the same week that new AI models are likely to accelerate vulnerability discovery in financial services, lifting the operational pressure on regulated firms.

For UK SMEs, NCSC’s framing is particularly useful: it stops short of telling organisations not to use AI for security work, but explicitly says any model — including older or smaller ones — can deliver experience, and that long-term planning for successor models matters more than picking today’s frontier.

Looking forward

Expect NCSC to publish further companion content on AI-assisted vulnerability management as the agency itself flagged. The practical effect of this checklist will be measured in procurement: large UK buyers are likely to start asking suppliers how they answer NCSC’s ten questions, and that pressure will travel through the supply chain to the security tooling vendors UK SMEs already use.