Your Cybersecurity Buyer Asked ChatGPT About Your Product Before the Call. The AE's New Job Is Fact-Checking the Answer.

Last week I ran a search on my own company. The model returned an answer that was structured, confident, and partially wrong. It described features the product does not have. It missed two capabilities that are central to what it actually does. The buyer asking that same question before a discovery call walks into the room with that answer in their head and treats it as a starting point, not a question.

That experience is now built into every cybersecurity sales conversation. The buyer arrives pre-loaded with a description of your product generated by a large language model, and the accuracy of that description varies wildly. Sometimes the model invents capabilities. Sometimes it strips out the ones that matter. Either way, the buyer believes things about your product that aren't true, and they trust those beliefs because an LLM stated them with confidence.

This article examines the structural shift in cybersecurity discovery driven by LLM-mediated buyer research, the data behind the behavioral change, why cybersecurity vendor information is especially prone to LLM hallucination, and the practical moves cybersecurity AEs are using to detect and correct buyer drift without bruising the relationship.

The Data on LLM-Mediated Buyer Research

The behavioral shift toward LLM-assisted buying has been documented across multiple research streams in 2024 and 2025.

6Sense's 2025 buyer research found that 94 percent of B2B buyers use LLMs during their buying process, and 83 percent of buyers define their purchase requirements before speaking to a salesperson (cited via Corporate Visions). The behavior covers the spectrum of LLM use, from summarizing a vendor white paper to asking an AI assistant to compare two vendors head-to-head.

Gartner's June 2025 buyer survey reported that 61 percent of B2B buyers now prefer a rep-free buying experience, up from 33 percent in 2019 (Gartner). Gartner's broader Future of Sales work shows that B2B buyers spend just 17 percent of their total buying time meeting with vendor sales reps. The rest goes to independent research, third-party content, and increasingly, LLM-assisted summarization of vendor material.

6Sense's 2025 Buyer Experience Report documents the practical consequences of these shifts. The average B2B sales cycle now runs 10.1 months and buying teams average 10 people; Demandbase's 2025 research adds that 72 percent of buying groups are classified as high-complexity (cited via Corporate Visions). In cybersecurity, where buying groups regularly exceed those averages and sales cycles run 12 to 18 months, the LLM is interacting with more stakeholders over a longer period than in any other B2B vertical.

Hallucination rates across foundation models have been independently studied through 2024 and 2025. Stanford's AI Index Report 2025 tracks factuality and hallucination benchmarks across major model families and documents that even leading models continue to produce factually incorrect outputs at meaningful rates, with hallucination rates rising sharply on long-tail entities and niche knowledge domains (Stanford AI Index 2025). The directional finding is consistent across every model evaluation in the report. The more obscure the entity, the higher the hallucination rate. Most cybersecurity vendors are extremely obscure entities to a foundation model trained largely on general web text.

Three findings stack together. Buyers spend most of their time outside the room with the rep. They are using LLMs to compress that research time. The LLMs they are using produce factually wrong answers at a non-trivial rate, and the rate gets worse as the vendor gets more specialized. That is exactly where cybersecurity sits.

Why LLMs Get Cybersecurity Vendor Details Wrong

The hallucination rate isn't randomly distributed. Several specific properties of the cybersecurity vendor landscape make LLM output especially unreliable for buyers using it as a research substitute.

Vendor product pages change faster than model training cycles. Most foundation models are trained on snapshots of the public web with a hard cutoff date that runs months to a year behind the conversation. Cybersecurity vendor product pages, feature lists, and capability claims change quarterly. The model's snapshot of your product description is almost always out of date, and the model has no way to know that. It produces today's answer using last year's product page.

Acquisition activity rewrites product lines faster than the model can keep up. 2025 cybersecurity M&A hit $102 billion across 398 deals, a 294 percent year-over-year increase, with another 108 transactions following in Q1 2026 (Momentum Cyber 2026 Almanac via SiliconANGLE). When CrowdStrike announced its $740 million acquisition of SGNL, when Palo Alto closed its $400 million acquisition of Koi, when Google completed its $32 billion deal for Wiz, the LLM's training snapshot pre-dates every one of those moves. The model still describes those vendors as if no deal had ever happened. A buyer asking the model about Wiz gets a Wiz answer. The AE answering that buyer is selling a unit of Google. The mismatch is structural, and it surfaces every time a buyer references a product line by its pre-acquisition name.

Marketing language compresses differences the model can't tell apart. Cybersecurity is a category where every vendor's website claims AI-native, runtime protection, zero trust, and SOC-grade response. When the LLM reads ten vendor sites and the buyer asks which one does runtime protection best, the model triangulates from the marketing language, not the technical implementation underneath it. Two vendors with identical positioning but very different technical depth often get returned as functionally interchangeable. The AE walking into discovery has to unwind that conflation without sounding like they're attacking the competition.

Acronym density confuses entity resolution. EDR, XDR, MDR, MXDR, ITDR, SSPM, CSPM, CNAPP, CIEM, ASPM — these are not just buzzwords. They are distinct product categories with overlapping but non-identical feature sets, and the LLM regularly conflates two adjacent ones. A buyer asking about your XDR product might be describing what your XDR does, what your competitor's XDR does, or what the model averaged from twelve XDR blog posts on the public web.

Feature names are unstable. Cybersecurity products tend to ship features under codenames, then rebrand them, then bundle them into platforms with new names again. The LLM may know the old feature name, the new feature name, neither, or both. It may also confidently report on a feature that was deprecated two releases ago, or invent a feature based on a blog post that proposed it but where the implementation never shipped.

The result is that the buyer who used ChatGPT, Perplexity, or Claude to summarize your product before the call walks in with a description that is partially accurate, partially out of date, and partially fabricated. The buyer doesn't know which is which. The AE has to know which is which, in real time, without coming across as defensive or condescending.

The New First Job in Discovery

For most of the modern history of B2B sales, the AE was the most informed person in the room about their own product. The buyer arrived knowing what category they were in and roughly what they wanted, and the AE filled in the details. What the product did, how it compared, what the pricing looked like, what implementation took.

That structure has flipped.

The buyer now arrives with a description of your product already in their head. They don't think of it as a description from an LLM. They think of it as a fact. They wouldn't have shown up to the call if the LLM had told them your product was the wrong fit. The fact that the model may have invented a capability they wanted, or stripped a capability they needed, is invisible to them.

The AE's first job in the call is no longer to brief the buyer. It is to detect the drift between what the buyer thinks your product is and what your product actually is, and to correct the record without making the buyer feel embarrassed about the source they trusted.

This is a different skill set than discovery has traditionally measured. Traditional discovery is built around finding the buyer's pain, the buyer's process, the buyer's metrics, the buyer's decision criteria. None of that goes away. But before those questions can land, the AE has to reset what the buyer thinks they are buying.

The reset has to happen carefully. Telling a CISO that ChatGPT was wrong about your product is a fast way to make the buyer feel foolish for trusting the source they prepared with, which makes them defensive, which makes the rest of the call combative. The good AE moves like a teacher who already knows the answer the student got wrong, but asks the student to walk through their reasoning anyway.

What Fact-Checking Looks Like in Practice

A small set of moves shows up consistently in the discovery calls where the AE handles LLM-driven misinformation well. None of them are dramatic. The skill is in the sequencing.

Ask the source question early without making it the point. Some version of "what have you seen about us so far?" or "where did you come across us?" gives the AE a read on whether the buyer is operating off a vendor demo, a peer recommendation, a blog post, an LLM summary, or a Reddit thread. The answer changes the entire shape of discovery. The AE doesn't need to interrogate the source. They need to know what it was.

Listen for capability claims that don't match the current product. If the buyer says "I read that you do X," and X is not something your product does, the question is whether X is something you used to do, something you might do, something a competitor does, or something the LLM invented. Each answer requires a different correction. The wrong move is to deny X without offering what you do instead. The right move is to map the buyer's expectation onto the real product capability.

Distinguish "I read this somewhere" from "I assume this." Those two get tangled in discovery because both come out of the buyer's mouth the same way. A buyer saying "you guys handle SOC 2 evidence collection automatically" might mean "your website said this," might mean "the LLM told me this," or might mean "I assume any vendor in your category does this." The AE has to figure out which one without sounding like they're nitpicking.

Bring artifacts that are newer than the model's training data. A two-page customer reference written last quarter, a feature changelog from the last release, a screenshot of the current UI. These are the materials that don't exist inside the LLM's snapshot, and they are the materials that establish ground truth on a discovery call. The AE who shows up with current artifacts trades the LLM's confidence for the AE's evidence.

Don't attack the model. The temptation, on first contact with an LLM-fabricated description of your product, is to tell the buyer that ChatGPT got it wrong. Don't. The buyer is not in a position to publicly disagree with the source they used to prepare for the call, and being told the source is unreliable makes them defensive about the source rather than curious about the correction. The better move is to treat the LLM's description as the buyer's working hypothesis, then introduce evidence that updates the hypothesis. Same outcome, no friction.

These moves take time to develop. The AEs who develop them fast are the AEs whose calls go well. The AEs who don't develop them spend the rest of the call answering objections to features they don't have and watching the buyer leave the call still uncertain whether the vendor matches the description in their head.

If you want this detection to happen for you instead of by you, join the waitlist for what we are building.

The Compounding Problem at the AE Level

The LLM-misinformation problem doesn't just slow individual calls. It compounds across the AE's workload in ways that don't show up in CRM metrics.

The AE has to walk into every call assuming the buyer's mental model of the product is unreliable, and stay alert for the moment the unreliability surfaces. That cognitive load doesn't appear in the deal review. What appears is that the AE feels more drained at the end of the day, the demos take longer to land, the follow-ups have to address a wider range of objection patterns, and the deals that should have been straightforward run a quarter longer than they used to.

Multiply that across every cybersecurity AE in a region and the structural shift becomes a dominant story in cybersecurity sales productivity in 2026. The deal that took 9 months in 2023 takes 12 months in 2026 not because the buyer is slower, but because the AE is unwinding a layer of pre-call misinformation that didn't exist three years ago. It is one of the quieter contributors to the no-decision losses that already outnumber competitive losses in cybersecurity pipelines.

Sales leaders looking at this trend in their numbers see lengthening sales cycles and slipping forecast accuracy. The root cause sits one layer deeper. The buyer's pre-call research used to be a tailwind, and it is now often a headwind, and the AE who can't detect and correct the drift is operating from a worse starting position than the AE who can.

This is why coaching teams should start treating "what did the buyer think your product was before this call" as a measurable discovery output, not an aside. The answer to that question is the floor every call has to climb above.

Where This Goes

The current state, buyer arrives with an LLM-generated description and the AE corrects the record in real time, is a transitional shape. Two endpoints look plausible from here.

The first endpoint is buyer-side calibration. Buyers learn that LLM summaries of niche B2B vendors are unreliable. They start treating the LLM output as a starting point, not a fact, and they pre-flight their questions with the AE in mind. This is a slow trajectory, and it depends on enough buyers experiencing wrong answers in high-stakes contexts that they revise their behavior. There is no organic timeline for that.

The second endpoint is vendor-side instrumentation. AEs get tooling that flags, during the call, the moments when the buyer's stated belief about the product doesn't match the current capability set. The flag triggers a coaching moment, not a correction — the AE still has to do the relationship work. But the detection is no longer a function of the AE's vigilance, and the load on the AE drops accordingly.

Both endpoints take time. In the interim, the work falls on the AE. The cybersecurity AEs who close in 2026 will be the ones who developed a fast, friction-free process for spotting LLM-driven drift inside the first ten minutes of a discovery call and resetting the buyer's mental model without bruising the relationship.

Pre-call research used to mean the buyer was prepared. Today, pre-call research can mean the buyer is misinformed with confidence, and the AE has to do the work of moving them back to the ground truth. That work is a different muscle than the one most discovery training builds.

The teams that build that muscle ship.

FAQ

What percentage of B2B buyers use LLMs to research vendors before a sales call?

6Sense's 2025 buyer research found that 94 percent of B2B buyers use LLMs during their buying process, and 83 percent define their purchase requirements before speaking to a salesperson (cited via Corporate Visions). The behavior is no longer marginal. The AE walking into discovery should assume the buyer has already consulted at least one LLM about the vendor, the category, and the closest competitors.

Why are LLMs less accurate on cybersecurity vendor details specifically?

Five compounding factors. Vendor product pages change quarterly while model training cycles lag months to a year behind. Acquisition activity rewrites entire product lines faster than the model can update — 2025 closed $102 billion in cybersecurity M&A across 398 deals (SiliconANGLE). Marketing language is heavily homogenized across vendors, so the model conflates technical differences. Acronym density (EDR, XDR, ITDR, CNAPP, CIEM) drives entity-resolution errors. And feature naming is unstable, with codenames, rebrands, and platform bundles changing the surface every release.

How can an AE detect that a buyer is operating off LLM-generated misinformation?

Three early signals. The buyer references a capability you do not have using language that sounds copied from a product page. The buyer asks how a feature works that was deprecated or never shipped. The buyer compares your product to a competitor on a specific dimension that does not match how either vendor positions itself. Asking "where did you come across us?" or "what have you read so far?" early in the call surfaces the source without making the question feel adversarial.

What is the right way to correct a buyer who has wrong information from ChatGPT?

Treat the LLM-generated description as the buyer's working hypothesis, not as a mistake to call out. Affirm what is accurate, reframe outdated parts as recent product changes, and gently note when the model may have conflated your product with another vendor in the category. The goal is to update the buyer's mental model without making them defensive about the source they used to prepare for the call.

How is LLM-mediated buyer research lengthening cybersecurity sales cycles?

The AE now walks into every discovery call needing to detect and correct buyer drift before traditional discovery questions can land. That cognitive load adds time to every call, every follow-up, and every objection handle. Sales leaders see lengthening cycles and slipping forecast accuracy in their dashboards. The underlying mechanism is the AE unwinding a layer of pre-call misinformation that did not exist three years ago, and unwinding it costs measurable time on every deal.

What artifacts should an AE bring to discovery to counter outdated LLM training data?

Anything produced after the model's training cutoff. A customer reference written last quarter, a feature changelog from the last release, a screenshot of the current UI, a recent customer testimonial with a specific outcome. The materials that don't exist inside the LLM's snapshot are the materials that establish ground truth on a discovery call. Currency is the AE's advantage when the model's knowledge is months out of date.

References

1. 6Sense, 2025. 94 percent of B2B buyers use LLMs during their buying process; 83 percent define purchase requirements before engaging sales. Cited via Corporate Visions, "B2B Buying Behavior in 2026: 57 Stats and Five Hard Truths" (January 28, 2026). Corporate Visions
2. Gartner. "Sales Survey Finds 61% of B2B Buyers Prefer a Rep-Free Buying Experience." Press release, June 25, 2025. Gartner
3. Gartner. Future of Sales. B2B buyers spend 17 percent of total buying time with vendor sales reps. Gartner
4. 6Sense. 2025 Buyer Experience Report. 10.1-month average sales cycle; 10-person buying teams. Demandbase, 2025: 72 percent of buying groups classified as high-complexity. Both cited via Corporate Visions. Corporate Visions
5. Stanford University Human-Centered AI Institute. AI Index Report 2025. Hallucination and factuality benchmarks across major foundation models. Stanford AI Index
6. Momentum Cyber. 2026 Cybersecurity Almanac. $102 billion in 2025 cybersecurity M&A across 398 transactions, a 294 percent year-over-year increase; Q1 2026 added another 108 transactions, the second-highest quarterly deal count in the sector's history. SiliconANGLE coverage

*Written by Jonathan, co-founder of KillChain Sales. Ten years across software engineering, cybersecurity, and cybersecurity sales. If you're a cybersecurity AE or sales leader watching buyers walk into discovery calls pre-loaded with ChatGPT's answers about your product, join the waitlist or connect on LinkedIn.*