SANTA CLARA, Calif., April 29, 2026 (GLOBE NEWSWIRE) -- Aviatrix® today declared the Containment Era is here, a mandatory new architectural standard for enterprise cloud security in the age of AI anchored on a four-paper peer-reviewed research series that defines the category and its architecture. The equation answers the priority question facing every Chief Information Security Officer (CISO) in the age of AI: how to protect their enterprise against cyber risk.
In the face of the Toxic Combination — AI-accelerated vulnerability discovery, a collapsing exploitation window, and supply chain attacks that move through legitimate credentials and trusted code — the question of where to focus first has become existential for enterprises and economies. The math behind that question is now available to every CISO who wants it.
The Math Behind the Priority Question
At the center of today's declaration is the Vulnerability Deficit Equation, authored by Aviatrix Chief Executive Officer Doug Merritt and published in the concluding paper of the Containment Era research series. The equation demonstrates mathematically why patch-first defense strategies are rendered ineffective against modern cyberthreats. Across more than 10,000 organizations analyzed in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities program, a 6.5-fold increase in remediation effort led to worse outcomes, not better ones. The percentage of critical vulnerabilities unresolved at seven days rose from 56 percent to 63 percent. Meanwhile, 82 percent of intrusions now use valid credentials rather than unpatched vulnerabilities — bypassing vulnerability management entirely.
The implication is specific. The SANS Mythos Report, the most authoritative document the cybersecurity industry has produced on AI-accelerated threats, ranked Continuous Patching as Critical and Hardening the Environment as High. The Vulnerability Deficit Equation shows that ordering is inverted. Containment is not a secondary priority. It is the foundation on which every other priority depends.
“I helped build the detection era at Splunk. I know what it can do, and I know what it cannot,” said Doug Merritt, Chief Executive Officer of Aviatrix. The Cascade — the supply chain attack that moved through 36 percent of enterprise cloud environments using nothing but legitimate credentials — showed every CISO what detection alone cannot solve. Detection tells you what happened. Containment determines how bad it gets. The priority order needs to change.”
The Four-Paper Research Series
The Containment Era is supported by a four-paper peer-reviewed research series, published in full today at aviatrix.ai/containment-era. Taken together, the papers form a complete argument:
Paper 1: The Containment Era — Why the Threat Model Outgrew the Architecture.
Paper 2: The Containment Platform — How the Cloud Native Security Fabric Closes the Architectural Divide.
Paper 3: 144 to 1 — Why Every Workload in Your Cloud Is Already Exposed.
Paper 4: The Priority Inversion — Why Containment Must Be Every CISO’s Top Priority.
Paper 4 includes an explicit Honest Boundary section that separates what the math proves from what is competitive positioning. The intellectual standard set by the SANS Mythos Report deserves a response held to that same standard.
Evidence That Architecture Determines Outcomes
The Cascade, a coordinated supply chain campaign attributed to TeamPCP, is one proof case of a universal architectural failure. Whether it is ransomware spreading across workloads after initial access, APT actors dwelling undetected through credential compromise, or data exfiltration via ungoverned communication paths—every major attack class depends on the same gap: no workload-level constraint on what compromised code can reach.
The Cascade moved through cloud environments using legitimate credentials and trusted internal tools. Traffic looked authorized at every checkpoint. The attack affected 36 percent of enterprise cloud environments at the time of compromise.
According to Gartner, only 5 to 20 percent of enterprises have architectural controls in place to limit where a workload can communicate. For the remaining 80 to 95 percent, there is no architectural constraint on what a compromised workload can reach once inside. The Cascade demonstrated that when the attack is indistinguishable from legitimate activity, the outcome is determined not by detection speed but by containment architecture.
A Fortune Global 500 Aviatrix customer was running the compromised component when The Cascade hit. Same payload. Same vulnerability. At organizations without workload-level containment, the attack was completed in under three hours. At the Aviatrix customer, zero credentials were exfiltrated. The blast radius was one workload. The Cascade exploited what every supply chain attack exploits — the Trust Chain, the sequence of legitimate credentials, trusted code, and sanctioned communication paths that an attacker rides once inside.
"The Cascade showed us that the current architecture cannot handle what is coming next, and that gap is present in 80 to 95% of enterprise cloud environments today," said Willie Tejada, SVP and General Manager, Cloud Native Security Fabric at Aviatrix. "Today, we are putting a stake in the ground: containment is the architecture. Blast Radius is the metric. And communication governance is how it is delivered. The Containment Era is here."
Aviatrix defines containment as the architectural enforcement of explicit communication policy at every workload — governing what it can reach and what can reach it, on every path available to it, independent of whether a compromise has been detected.
The Cloud Threat Command Center: A Free Resource for Every CISO
Aviatrix also launched the Aviatrix Cloud Threat Command Center today, a free public resource that tracks active attack campaigns, including The Cascade, Salt Typhoon, and Midnight Blizzard. The Command Center includes the Blast Radius Calculator, which provides CISOs with a scored exposure assessment and a board-ready report suitable for communicating risk to executive leadership.
“The Cloud Threat Command Center tells you what will happen given your architecture today, and what to change before the next Cascade arrives,” said Merritt. “Every CISO deserves to know their blast radius before the next compromise, not after.”
Operationalizing the Containment Era
Separately today, Aviatrix announced a set of Aviatrix Cloud Native Security Fabric solutions that operationalize the Containment Era for enterprise AI workloads, including Zero Trust for AI Workloads and Aviatrix AgentGuard in early access.
Resources
To engage with the Containment Era, please visit:
- The Containment Era research series (all four papers): aviatrix.ai/resources/solutions/the-containment-era/
- Paper 4, The Priority Inversion: aviatrix.ai/containment-era/priority-inversion
- The Vulnerability Deficit analysis: aviatrix.ai/vulnerability-deficit
- Cloud Threat Command Center and Blast Radius Calculator: aviatrix.ai/threat-research-center/cloud-threat-command-center/
- Accompanying product release: aviatrix.ai/containment-platform-products
About Aviatrix
Aviatrix® is pioneering the Cloud Native Security Fabric — the architecture the Containment Era requires. The Cloud Native Security Fabric governs every workload communication path across every cloud, every VPC, every Kubernetes cluster, and every serverless function, from a single policy plane. One rule. Universal propagation. Enforced at the workload, not at a chokepoint. Trusted by more than 500 of the world's leading enterprises. For more information, visit aviatrix.ai.
Gartner Disclaimer
GARTNER is a registered trademark and service mark of Gartner, Inc. and its affiliates in the United States and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product, or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact.
Aviatrix 888-311-8328 corpcomms@aviatrix.com