Intruder brings AI-powered, on-demand penetration testing to web applications

Intruder has announced the launch of AI Pentesting for web applications, providing on-demand penetration testing. Following its initial release of issue-level investigations last quarter, the platform now allows organizations to securely connect their codebases via GitHub or GitLab to automatically scope and launch penetration tests in minutes, with results and audit-ready reporting in hours.

Mythos and Daybreak have proven that AI is extremely adept at finding security vulnerabilities. At the same time, AI is accelerating attacker capability. Annual pentests do not offer organizations the same level of protection they once did, and are misaligned to the way businesses are shipping code today. Major deployments are happening weekly, and without more frequent pentesting, security and engineering risk falling dangerously out of step.

Stretched teams, faster engineering

According to Intruder’s latest survey, The Security Middle Child Report, 49% of security leaders cite AI and automation as their top investment priority for 2026. Meanwhile, AI-assisted “vibe coding” is shipping insecure code faster. Engineering teams moving quickly with AI coding assistants are introducing new application vulnerabilities at pace, without sufficient security review, creating a growing need for continuous app testing.

AI-enabled security solutions are now essential for security teams. Embracing autonomous capabilities is the only viable path toward a truly continuous approach to security. This shift is critical in a world where the average time-to-exploit has collapsed to a single day, a window that is projected to drop further in the coming months.

“Our mission at Intruder has always been to make robust cybersecurity accessible to everyone,” said Andy Hornegold, Chief Security Technologist at Intruder. “Providing web application testing marks an exciting step on that journey. By delivering the depth of a pentest on demand and at a fraction of the price, we’re helping businesses keep up with an accelerating threat environment.”

On-demand pentesting

Intruder’s web application penetration testing is powered by autonomous AI agents that actively discover weaknesses across application ecosystems. Intruder’s AI Pentesting brings the strategic depth and creative problem-solving of a manual, human-led engagement into an automated framework that organizations can run on every release.

Designed to transform how modern engineering and security teams manage software risk, the framework delivers critical capabilities out of the box:

  • White-box pentests: Pentesting agents have full awareness of the system they are testing by ingesting the codebase.
  • Built by CREST-certified pentesters: Our pentests are run by AI built and trained by CREST-certified pentesters to operate and think like the best human pentesters.
  • Tests in minutes: Pentests run in minutes to hours, depending on the complexity of the web application being tested. No scoping or scheduling.
  • Audit-level reporting: A full pentest report is provided that can be used as evidence for SOC 2, ISO 27001 and other compliance frameworks.
  • Affordable accessibility: Automated web application pentest costs 25% or less than a traditional manual engagement with results available in hours instead of weeks to months.

“Historically, the cost of a pentest has been very high and has taken a long time,” said Chris Wallis, CEO at Intruder. “In today’s accelerated threat environment, that timeline and cost don’t hold up. We’re ensuring that resource-constrained small and medium-sized businesses aren’t excluded from good security purely based on budget.”

“Securing a global AI platform requires continuous defense,” said Zach Rattner, CTO at Yembo. “While Yembo continues to leverage human pentesters, annual assessments alone leave dangerous windows of exposure. Intruder’s AI pentesting bridges that gap by delivering human-grade depth at machine speed to keep our platform permanently hardened.”

More about

Don't miss