All news with #penetration testing tag

🔐 AWS Security Agent now generates verification scripts for penetration test findings to help teams reproduce and validate discovered vulnerabilities. The tool creates ready-to-run scripts for each confirmed finding that include setup instructions, documented environment variables, and redacted sensitive values. Teams download the script, configure variables, and execute it against targets to streamline triage and speed remediation. Verification scripts are available in all Regions where AWS Security Agent is supported.

🔍 New benchmarks from the UK’s AI Security Institute (AISI) show leading AI models rapidly improving at multi-stage penetration testing, with the difficulty of tasks solvable by models doubling every 4.7 months as of early 2026. The tests measure the longest task an AI can complete with 80% success relative to human work-hours, emphasizing autonomous chaining of steps rather than raw speed. While there are caveats — token limits and inconsistent model performance — the findings highlight growing offensive and defensive implications for enterprise security.

🔒 During day two of Pwn2Own Berlin 2026 at OffensiveCon (May 14–16), competitors earned $385,750 by exploiting 15 unique zero-day vulnerabilities across enterprise products, including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux. Cheng-Da Tsai (Orange Tsai) earned $200,000 by chaining three bugs to achieve remote code execution as SYSTEM on Exchange, while other researchers demonstrated privilege escalations on Windows and RHEL and exploited the NVIDIA Container Toolkit. The AI category also saw multiple successes against coding agents such as Cursor AI and OpenAI Codex. Under Pwn2Own rules all targets run the latest patched OS versions and vendors receive a 90-day disclosure window to issue fixes.

🔍 The article, by Sila Ozeren Hacioglu of Picus Security, describes the 'PoC Cliff' where automated pentesting delivers strong initial results but rapidly dwindles after a few executions as its deterministic, chained approach exhausts favored attack paths. It contrasts that model with Breach and Attack Simulation (BAS), which runs thousands of independent, atomic tests to validate whether defenses actually detect and block techniques. The piece identifies six critical validation surfaces often left dark and gives three diagnostic vendor questions to close the gap.

🔐 AWS Security Agent is now generally available, offering on-demand, continuous penetration testing across AWS, Azure, GCP, other cloud providers, and on-premises environments. The service deploys autonomous AI agents that combine SAST, DAST, and active exploit attempts to validate findings, reduce false positives, and provide CVSS-scored, reproducible results. Pricing is metered at $50 per task-hour, the product supports authenticated flows via LLM-driven sign-ins, and includes automated remediation suggestions and pull requests to accelerate fixes.

🔒 AWS announced general availability of AWS Security Agent for on-demand penetration testing in six AWS Regions. The service runs autonomous, persistent AI agents that discover, validate, and report vulnerabilities using sophisticated multi-step attack scenarios tailored to each application, producing CVSS scores, reproduction steps, and remediation guidance. Previewed at re:Invent 2025, it aims to convert periodic manual testing into a continuous, scalable capability and supports multicloud and on-premises environments. New customers can try a 2-month free trial and review pricing and documentation to get started.

🔒 AWS Security Agent now lets users generate and download customizable penetration testing reports in PDF format. Reports include an executive summary, test scope and methodology, task details, and comprehensive findings with vulnerability data and risk assessments. Users can filter outputs by risk and confidence levels, finding and task status, and risk types to tailor reports for executives, engineers, or auditors. The capability is intended to accelerate on-demand pentesting from weeks to hours and simplify cross-team review and sharing.

🔒 AWS Security Agent now integrates with AWS Service Quotas, giving teams a centralized view of applied limits and utilization for security workloads. Users can request quota increases through the Service Quotas console, and eligible requests are automatically approved to reduce manual intervention. The update explicitly covers pentesting limits, including action hours and concurrent pentest jobs, helping security and development teams scale testing without unexpected constraints.

🔁 I replaced annual manual penetration tests with continuous automated platforms to gain immediate, repeatable validation and rapid retesting. Platforms like Pentera and Horizon3.ai’s NodeZero simulated black‑box, grey‑box, and custom scenarios on a fortnightly cadence, increasing testing from a single yearly engagement to at least 38 automated simulations annually. This change improved ROI, shifted prioritization from CVSS severity to real attack paths, exposed misconfigurations and ineffective controls, and accelerated team learning and SOC validation.

🔒 AWS describes a multi-agent penetration testing capability in AWS Security Agent that pairs LLM-driven reasoning with specialized scanners and browser-based sign-in to automate complex assessments. The design combines baseline scanning, managed static tests, and a guided explorer that dynamically generates contextual attack tasks. A swarm of risk-focused worker agents executes tests and submits structured findings, which are then validated via deterministic checks and LLM-assisted exploit attempts and scored with CVSS to produce actionable remediation reports.

🔒 AWS Security Agent now enables customers to run penetration tests against Virtual Private Cloud (VPC) resources shared from other AWS accounts within the same organization. By using AWS Resource Access Manager (RAM), teams can securely share VPCs from sub-accounts to a central account where an Agent Space performs assessments. This capability simplifies testing across distributed, multi-account architectures and improves visibility into shared network security posture. To get started, ensure accounts are in the same AWS Organization and configure RAM before launching the agent.

🤖 Bugcrowd's survey of 2,000 security researchers found 82% now incorporate AI into their workflows, up from 64% in 2023. Respondents highlighted automation of repetitive tasks, analysis of messy or large codebases, and AI as a research assistant as primary use cases. Organizations gain faster, more comprehensive and higher-quality findings without necessarily increasing budgets. The report also notes stronger outcomes from team collaboration and outlines key community demographics.

🔒On the first day of Pwn2Own Ireland 2025, security researchers exploited 34 unique zero-day vulnerabilities and collected $522,500 in cash awards. Team DDOS (Bongeun Koo and Evangelos Daravigkas) chained eight flaws to compromise a QNAP Qhora-322 router via its WAN interface and access a QNAP TS-453E, earning $100,000 and moving into second place on the Master of Pwn leaderboard. The Summoning Team led day one with $102,500 and 11.5 points after multiple successful root exploits. The Zero Day Initiative (ZDI) organized the event and coordinates 90-day responsible disclosure with affected vendors.

🔒 Modern MSSP and MDR models that focus on detection and response are increasingly insufficient as hybrid infrastructures and rapid cloud and third‑party changes expand attack surfaces. Unified Exposure Management Platforms (UEMPs) continuously discover assets, validate exploitability with automated simulations and penetration testing, and coordinate remediation to produce verifiable, business‑aligned risk reduction. Vendors like Picus Security package CTEM stages into a workflow that prioritizes, validates, and mobilizes fixes to shift security from reaction to prevention.

🛡️ Penetration testing remains a critical control, but the classic, one-size-fits-all approach can create hidden financial and operational burdens. Administrative overheads, complex scoping decisions and indirect remediation work all add time and cost while risking scope creep and disruption. The article recommends flexible, consumption-based models—such as PTaaS and Outpost24's CyberFlex—to improve coverage, transparency and ROI.

🔁 Penetration testing delivery must evolve from static, manual reports to automated, real-time workflows that shorten remediation cycles and improve visibility. This contributed piece highlights seven practical automation workflows — from auto-creating remediation tickets in Jira or ServiceNow to auto-closing informational findings — that reduce triage noise and accelerate fixes. Implementing targeted rules and alerts ensures findings reach the right teams immediately and supports continuous testing practices.

🧭 Villager, an AI-native penetration testing framework developed by Chinese group Cyberspike, has reached nearly 11,000 downloads on PyPI just two months after release. The tool integrates Kali Linux utilities with DeepSeek AI models and operates as a Model Context Protocol (MCP) client to automate red team workflows. Researchers at Straiker reported that Villager can spin up on-demand Kali containers, automate browser testing, use a database of more than 4,200 prompts for decision-making, and deploy self-destructing containers — features that lower the barrier to sophisticated attacks and raise concerns about dual-use abuse.

⚠️ The AI-driven penetration testing framework Villager, attributed to China-linked developer Cyberspike, has attracted nearly 11,000 PyPI downloads since its July 2025 upload, prompting warnings about potential abuse. Marketed as a red‑teaming automation platform, it integrates Kali toolsets, LangChain, and AI models to convert natural‑language commands into technical actions and orchestrate tests. Researchers found built‑in plugins resembling remote access tools and known hacktools, and note Villager’s use of ephemeral Kali containers, randomized ports, and an AI task layer that together lower the bar for misuse and complicate detection and attribution.

🔁 Automation is reshaping how penetration test findings are delivered and acted upon. Traditional static reports—PDFs, emailed documents, and spreadsheets—create delays and manual handoffs that undermine remediation speed. Platforms like PlexTrac centralize scanner and manual findings and enable real-time routing, ticketing, and retesting to reduce MTTR and standardize workflows across teams. By automating triage, assignment, and triggered validation into existing tools (Jira, ServiceNow, Slack), teams get faster handoffs, consistent remediation lifecycles, and measurable operational gains. Start small, iterate workflows, and measure MTTR improvements to avoid common pitfalls like overengineering or stale automation.

🔁 Pentesting remains a critical control for uncovering real-world vulnerabilities, but static PDF reports and spreadsheet handoffs create delays and inefficiencies. The piece advocates automating pentest delivery so findings are consolidated and routed in real time through rules-based workflows, enabling teams to act immediately and reduce churn. Platforms like PlexTrac are highlighted for centralizing manual and scanner outputs, automating ticketing into tools such as Jira and ServiceNow, and triggering retests to close the loop. The result is faster remediation, standardized processes, and measurable reductions in MTTR for both service providers and enterprises.