Intruder launches AI penetration testing for web applications

Applications of AI


  • Autonomous AI agents proactively identify application security flaws and search for weaknesses throughout web applications through source code integration.

  • Built and trained by CREST-certified penetration testers, AI agents reason and contextually adapt to applications, mirroring the approaches of the best human testers, and distilling them into automated solutions that organizations can run with every release.

  • On-demand web app penetration testing starts in minutes and completes in hours at less than 25% of the cost of traditional manual efforts.

London, July 16, 2026–(BUSINESS WIRE)–Intruder, the leader in exposure management, today announced the launch of AI Penetration Testing for Web Applications, providing on-demand penetration testing. Following the initial release of issue-level investigations last quarter, the platform now allows organizations to securely connect to their codebase via GitHub or GitLab, automatically scope and launch penetration tests in minutes, and produce results and audit-ready reports in hours.

Mythos and Daybreak have proven that AI is very adept at finding security vulnerabilities. At the same time, AI is accelerating the capabilities of attackers. Annual penetration tests don’t provide organizations with the same level of protection as they once did and are no longer consistent with how companies ship code today. Large-scale deployments are occurring weekly, and without more frequent penetration testing, security and engineering risk becoming dangerously out of step.

Empowered teams, faster engineering

According to Intruder’s latest research, the Security Middle Child Report, 49% of security leaders cite AI and automation as a top investment priority for 2026. Meanwhile, AI-assisted “vibe coding” is shipping unsafe code faster. Engineering teams leveraging AI coding assistants to work faster are rapidly introducing new application vulnerabilities without thorough security reviews, increasing the need for continuous application testing.

AI-enabled security solutions are now essential for security teams. Embracing autonomous capabilities is the only viable path towards a truly continuous approach to security. This change is critical in a world where the average time to exploitation has decreased to one day and is expected to decrease further in the coming months.

“At Intruder, our mission has always been to make robust cybersecurity available to everyone,” said Andy Hornegold, Chief Security Technologist at Intruder. “Offering web application testing is an exciting step in that effort. By providing advanced penetration testing on-demand and at a low cost, we are helping enterprises respond to an accelerating threat landscape.”

On-demand penetration testing

Intruder’s web application penetration testing is powered by autonomous AI agents that proactively discover weaknesses across your application ecosystem. Intruder’s AI Pentesting brings the strategic depth and creative problem-solving of manual, human-driven efforts to an automated framework that organizations can run with every release.

Designed to transform the way modern engineering and security teams manage software risk, this framework provides critical functionality out of the box.

  • White box penetration testing: Penetration testing agents fully understand the system under test by ingesting the code base.

  • Built by CREST certified penetration testers. Our penetration tests are performed by AI built and trained by CREST-certified penetration testers to act and think like the best human penetration testers.

  • Test in minutes: Penetration tests can take anywhere from a few minutes to a few hours, depending on the complexity of the web application being tested. There are no scopes or schedules.

  • Audit level reporting: We provide a complete penetration testing report that can be used as evidence for SOC 2, ISO 27001, and other compliance frameworks.

  • Affordable accessibility: Automated web application penetration testing costs less than 25% of traditional manual efforts, and results are available in hours instead of weeks or months.

“Historically, penetration testing has been very expensive and time consuming,” said Chris Wallis, CEO and founder of Intruder. “In today’s accelerating threat environment, that timeline and cost are unsustainable. We are ensuring that resource-constrained small businesses are not excluded from good security based solely on budget.”

“Ensuring the security of the global AI platform requires continuous defense,” said Zach Rattner, CTO and co-founder of Yembo. “Yembo continues to leverage human penetration testers, but annual assessments alone leave a dangerous window of exposure. Intruder’s AI penetration testing closes that gap by providing human-level depth at machine speed, permanently enhancing our platform.”

Full-fledged web app penetration testing is now available

Pricing starts at $3,500 per test, and Intruder offers discounted introductory pricing for early adopters. Existing Intruder customers can receive web app penetration testing results directly, along with attack surface, cloud, and vulnerability data.

Penetration testing is now available to new and existing customers. Existing Intruder platform customers can[Pentests]You can purchase Penetration Testing within your Intruder account by navigating to the tab. New customers can research and perform penetration tests through our free plan.

Security, IT, and development teams interested in learning more about the Intruder platform and its latest products can schedule an information session here.

About Intruder

Intruder’s Continuous Exposure Management platform helps security, IT, and engineering teams stop breaches before they begin. By integrating AI penetration testing, attack surface monitoring, cloud security, and vulnerability management into one intuitive platform, Intruder provides stressed teams with a trusted source of security that’s always on. Our approach focuses on continuous automated scanning using our expertise and agent solutions to ensure that the results delivered are accurate, prioritized according to real-world risks, and ready for immediate action.

Intruder was founded in 2015 by Chris Wallis, a former ethical hacker turned corporate blue-chip, and currently protects over 3,000 companies worldwide. Intruder has won multiple awards and was selected for GCHQ’s Cyber ​​Accelerator, included in Deloitte’s Tech Fast 50 2023 list as the UK’s fastest growing cybersecurity company, and named in G2’s 2026 Best Software Award. Learn more at https://intruder.io and get real-time threat intelligence at https://cvemon.intruder.io

FAQ

Why is AI penetration testing necessary to address today’s threat landscape?

According to Intruder’s Security Middle Child report, 42% of midmarket security leaders say their teams are stressed, overwhelmed, or consistently outnumbered, even as attackers accelerate. Large-scale deployments are occurring weekly, and without more frequent penetration testing, security and engineering risk becoming dangerously out of step. Intruder’s Penetration Testing Agent fills that gap by providing manual penetration testing details on demand.

What is the difference between problem-level investigation and full-fledged AI penetration testing?

Intruder’s first AI release focused on problem-level investigation. That is, we used autonomous agents to verify the detection results of individual scanners and eliminate false positives. This new release introduces full-fledged white-box web application penetration testing. By analyzing your entire codebase via GitHub or GitLab, the agent simulates a comprehensive end-to-end human penetration test, proactively discovering new vulnerabilities rather than just validating old vulnerabilities.

What is the best automated penetration testing platform for midsize business security teams?

Intruder’s AI Penetration Testing gives extended security teams access to the details of manual penetration testing without the cost and scheduling overhead of traditional efforts. The platform combines attack surface management, vulnerability scanning, and now AI-driven detection into a single interface. These full-scale web application penetration tests provide rigorous reports that can be used as compliance and audit evidence for frameworks including SOC 2, ISO 27001, and other compliance frameworks.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260716230256/en/

contact address

media contact
treble range
katie ann haze
intruder@treblepr.com



Source link