
AI pentesting: the depth of a pentest, on-demand

Eamon Carroll
Marketing Coordinator

Key Points

Despite sharing a common goal, there has always been a tension between vulnerability scanning and penetration testing.

Vulnerability scanners provide broad, affordable, and frequent coverage, but they lack context about an organization and its systems, and they typically can't assess the bigger-picture impact that results from chaining vulnerabilities together.

On the other hand, pentests go deep, providing the context and validation scanners lack, but they have historically been expensive, infrequent, and point-in-time. An annual or quarterly engagement can't keep pace with daily releases, new cloud services and containers, or the shadow IT that inevitably creeps in as your estate grows. This has long been a known issue and AI pentesting is the solution that will finally close this gap.  

The need for AI pentesting is made greater by the fact that the threat landscape is rapidly intensifying as AI enables bad actors. Mean time-to-exploit has collapsed from months to a day, with projections it will reach hours by late 2026. Our Exposure Management Index revealed the average number of identified high-severity vulnerabilities is up nearly 20% year-over-year.

Faced with this reality, defenders have to rethink their approach to exposure management to stay secure in the age of AI. That's why we're building AI Pentesting in Intruder.

Our vision for AI pentesting

Today, we're launching our first AI pentesting capabilities, but this is just the start. Our vision is to make continuous, AI-powered pentesting and red teaming accessible across web apps, external and internal networks. 

Security in the age of AI waits for nobody, and having a unified solution that is capable of continuously monitoring your entire attack surface, finding and investigating vulnerabilities and streamlining the remediation process has become business critical. We're building towards a future where every Intruder customer can access that depth of a pentest, on-demand, at a fraction of the cost. You can expect new capabilities rolling out over the coming months.

AI pentesting: issue level investigations

With this initial release, AI pentesting agents can actively investigate vulnerability scanner findings identified in Intruder using the same methods employed by human pentesters and security experts. Investigations are currently supported across a wide range of issue types including: injection issues, client-side attacks and information disclosure.

Users select issues raised within Intruder and a corresponding investigation category. The AI agent then interacts directly with the target, sending requests, analyzing responses, and probing for exposed data to build a picture of the issue's real-world impact.

Injection issues 

Our first AI pentester is built to validate injection flaws, vulnerabilities that let attackers manipulate an application's commands, queries, or instructions to gain unauthorized access, by reproducing scanner findings with error-based, timing-based, UNION-based, and other injection techniques. No data is altered or destroyed in the process.

For example: a scanner flagged a possible SQL injection issue after an OR 1=1 parameter caused an API error. The agent couldn't reproduce the error consistently, and noticed it appeared regardless of the payload. By examining response headers, it found the server's short-lived CSRF tokens were the real cause. It confirmed this with additional requests, ruled out SQL injection, and flagged the finding as a false positive, an investigation that would take a human analyst 30+ minutes, done in minutes.

Information disclosure

Scanners flag issues where sensitive information, such as configuration details or open cloud storage buckets, is exposed to unauthorized users, but they can't assess whether the exposed data is actually sensitive. Our pentesting agent confirms the scanner's finding, reviews what's exposed, and evaluates how an attacker could use it. If it finds credentials like login details or API keys, it will attempt to verify whether they're valid, without using them beyond that check.

For example: a scanner flagged a low-risk error page on a self-hosted third-party application. The agent reproduced the error and examined the page contents, finding a stack trace exposing network directory paths and the application's version number. It identified that the version was severely outdated and contained known vulnerabilities. The agent recommended upgrading the risk to medium, since the page directly provides information an attacker could use to target the application.

Client-side attacks 

Another agent is trained to validate client-side findings like clickjacking, attacks that target your application's users rather than the app itself. Scanners flag clickjacking whenever frame-related headers are missing, but some pages are intentionally frameable and pose no real risk. Traditional scanners can't make that distinction, but our AI pentesting agent can.

For example: a scanner flagged a clickjacking vulnerability on a page with no X-Frame-Options header and no Content-Security-Policy frame-ancestors directive. The agent confirmed the protections were missing, then examined the page to assess whether it actually mattered. It found a JavaScript single-page application running a CMS with authentication, a script intentionally bypassing frame restrictions, and no protections controlling where the page could be embedded. The agent concluded the page was intentionally frameable but lacked safeguards, and because the application handles authentication, the clickjacking risk was real.
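The header logic behind the clickjacking triage above, as an added example rather than Intruder's own code: it reads the enforced framing restriction from a response's headers (CSP `frame-ancestors` first, then `X-Frame-Options`) and maps the scanner finding to a verdict, treating an unprotected page as a real risk only when it handles authentication. The sample header sets are constructed, and `handles_auth` is a hypothetical input standing in for the agent's inspection of the page.

```python
# Added example (not Intruder's code): decide whether a missing-frame-protection
# finding is a real clickjacking risk, from the response headers alone.
from typing import Mapping, Optional, Tuple

def frame_ancestors(csp: str) -> Optional[list]:
    """Return the frame-ancestors source list from a CSP header, or None if absent."""
    for directive in csp.split(";"):
        tokens = directive.strip().split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return [t.lower() for t in tokens[1:]]
    return None

def framing_protection(headers: Mapping[str, str]) -> Optional[str]:
    """Describe the enforced framing restriction, or None if any origin may frame the page."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    # An enforced CSP frame-ancestors directive takes precedence over X-Frame-Options.
    # Content-Security-Policy-Report-Only is deliberately ignored: it reports, it does not block.
    ancestors = frame_ancestors(h.get("content-security-policy", ""))
    if ancestors is not None:
        if not ancestors:
            ancestors = ["'none'"]  # an empty source list means no ancestor is allowed
        if "*" in ancestors or any(a in ("http:", "https:") for a in ancestors):
            return None  # any (https) origin may frame the page: no protection
        return "frame-ancestors " + " ".join(ancestors)
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return "X-Frame-Options: " + xfo
    # Absent, malformed, or the deprecated ALLOW-FROM value (ignored by modern browsers).
    return None

def clickjacking_verdict(headers: Mapping[str, str], handles_auth: bool) -> Tuple[str, str]:
    """Map a 'missing frame protection' scanner finding to a triage verdict."""
    protection = framing_protection(headers)
    if protection:
        return ("false_positive", f"page is protected by {protection}")
    if handles_auth:
        return ("real_risk", "frameable by any origin and the page handles authentication")
    return ("informational", "frameable by any origin but carries no authenticated actions")

# Constructed sample responses (not captured from any real system).
CMS_LOGIN = {"Content-Type": "text/html", "Set-Cookie": "session=abc; HttpOnly"}
HARDENED = {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"}
LEGACY = {"x-frame-options": "sameorigin"}
WIDGET = {"Content-Security-Policy": "frame-ancestors *"}

if __name__ == "__main__":
    for name, hdrs, auth in [("cms", CMS_LOGIN, True), ("hardened", HARDENED, True),
                             ("legacy", LEGACY, True), ("widget", WIDGET, False)]:
        print(name, clickjacking_verdict(hdrs, auth))
```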

For each investigation category, AI produces a summary, a detailed report, and a full transcript of the agent's steps. Your team can see the exact requests sent, responses received, and reasoning behind every conclusion, so developers and security teams have the information and context they need to prioritize and fix issues fast.

AI pentesting is available on Cloud, Pro, and Enterprise plans on a monthly credit basis. Each credit covers one occurrence, so if the same vulnerability appears across multiple targets, each investigation uses one credit. Cloud plans include 5 credits per month, Pro includes 10, and Enterprise includes 50. Credits reset at the start of each calendar month, and additional credits can be purchased if needed.

Benefits of AI pentesting

The depth of a pentest, on demand: Traditional pentests are expensive, often booked months in advance, and typically run on an annual or quarterly basis. In between engagements, your environment changes, but your pentest results stay static. AI pentesting gives you that investigative depth whenever you need it: with every new release, every new cloud service, every new finding. No scheduling. No scoping. No waiting.

Focus on real risks: Scanners can confirm the presence of many vulnerabilities, and Intruder's own checks actively validate findings where possible. But some issues need deeper investigation to understand whether they're exploitable in your specific environment and what the real-world consequences would be. That's the kind of work that typically requires a human analyst and hours of manual effort. Intruder’s AI pentesting agents pick up that investigation automatically, so your team spends less time being distracted by false positives and more time fixing.

Understand true impact: Knowing a vulnerability exists is one thing. Understanding what happens if it's exploited is another. AI pentesting goes beyond the finding itself to assess the real-world consequences, whether sensitive data is exposed, whether an attacker could escalate access, or whether a configuration issue leads to something more serious than it first appears. 

Cut remediation bottlenecks: Triage, investigation, and validation are the slowest parts of the remediation cycle. With 42% of midmarket security teams reporting being stretched, overwhelmed, or consistently behind, that’s time many teams simply don't have. AI pentesting automates investigation and validation, giving stretched teams time back for the decisions and fixes that need human judgment.

Coming soon: audit-ready web app pentests

This is just the beginning for AI pentesting in Intruder as we build towards our vision of delivering continuous, AI-powered pentesting and red teaming across the entire digital estate.

Up next is full-scale web application pentesting powered by AI agents that don't just investigate known findings, but actively discover new vulnerabilities across your web applications. Think of it as moving from reactive validation to proactive discovery, bringing the depth and creativity of a manual web app pentest into something you can run continuously.

Our AI pentesting agents are available now to Intruder customers on Cloud, Pro, and Enterprise plans. Start a free trial or book a demo to see it in action.
