Cloud security posture management got good at finding problems — too good. The bottleneck moved downstream: a CSPM tool can surface thousands of misconfigurations, but each one still needs a human to figure out the specific, safe fix for their environment. Detection scaled; remediation did not. That gap is where the cost now lives.
Zscaler, Inc.'s US12487871B2, “Systems and methods for detailed cloud posture remediation recommendations utilizing custom large language models (LLMs)” (issued December 2, 2025; CPC G06F 11/008 — reliability/availability of systems), describes using custom LLMs to generate detailed remediation recommendations for cloud posture findings. Read it at US12487871B2.
Mechanically, the system takes a posture finding and uses a tailored large language model to produce specific remediation guidance — the exact configuration change, in context — rather than a generic “this is misconfigured” alert. The “custom” framing matters: a model tuned to cloud-security remediation, not a general chatbot, is what makes the output trustworthy enough to act on. Zscaler filed a companion 2025 grant on efficient remediations for cloud vulnerabilities in the same period.
Why this is a business story: generative AI is the feature every security platform raced to add in 2024 and 2025, and remediation — closing the loop from finding to fix — is the use case with the clearest return on investment because it directly cuts analyst hours. For Zscaler, building defensible IP around applied LLMs (rather than just wrapping a third-party model) is how it justifies AI as a durable differentiator to investors rather than a commodity bolt-on. The patent is a claim that the remediation layer, not just detection, is where AI earns its keep.
The grounded read: LLM-driven remediation attacks the real CSPM bottleneck — turning thousands of findings into specific, actionable fixes. Zscaler's 2025 grant names that custom-LLM approach, a bet that AI's payoff in security is at the fix, not just the alert.