Novee today introduced AI Red Teaming for LLM Applications to its AI penetration testing platform. It is designed to discover security vulnerabilities in LLM-powered applications before attackers can exploit them.

As enterprises deploy AI-enabled software, from customer-facing chatbots to internal co-pilots and autonomous agents, security teams now face new types of risks, including prompt injections, jailbreak attempts, data exfiltration, and manipulation of agent behavior that traditional penetration testing tools were never designed to detect.
Unlike traditional application security tools built for web and infrastructure testing, Novee’s AI penetration testing agent is specifically designed to continuously probe AI-enabled applications. The agent autonomously simulates advanced real-world attack scenarios and chaining techniques to identify vulnerabilities that are often missed by manual tests and static scanners.
Security teams can direct the agent at AI-enabled applications such as chatbots, co-pilots, autonomous agents, and LLM-powered workflows to perform comprehensive security testing. The system assesses how applications behave under adversarial attacks and generates vulnerability assessments with actionable remediation guidance.
“I’ve spent 20 years working on the cyber attacker side, inside government agencies, and protecting critical infrastructure, and now I’m building AI systems that think like real attackers,” said Ido Geffen, CEO of Novee. “What we consistently see is that attackers are significantly compressing timelines. The time between vulnerability and exploitation can be down to minutes. To prevent that, we need continuous testing rather than periodic assessment.”
Novee’s research team led the product’s development and distilled the techniques used to identify high-severity vulnerabilities into an AI tool. A research team recently revealed a vulnerability affecting Cursor. The vulnerability lets an attacker influence the coding agent’s context window, allowing full remote code execution on the developer’s workstation. Novee currently has additional findings that it is responsibly disclosing along with other vendors. The results of this ongoing research feed directly into agent training, allowing us to continually understand how real-world attackers find and exploit new AI vulnerabilities and weaknesses.
“Although AI applications introduce a whole new attack surface, most organizations still test them using tools designed for web applications and infrastructure,” said Gon Chalamish, CPO at Novee. “Adversaries are already adapting their techniques to AI systems, and security teams need a way to test these systems in the same way that adversaries attack them.”
The agent is designed to work with any LLM-powered application, regardless of the underlying model provider or architecture, including deployments built on OpenAI, Anthropic, or open source models. It can also be integrated into existing security testing workflows and CI/CD pipelines, allowing organizations to test AI-enabled applications as part of broader development and security processes.
Novee’s AI penetration testing agent is currently available in beta, and the company will be demonstrating the technology at booth S-0262 at the RSAC 2026 Conference.
