Cobalt adds continuous pentesting AI capabilities to scale offensive security and real-world risk
Cobalt has released new AI capabilities for continuous pentesting. Delivered through the Cobalt Offensive Security Platform, these next-generation components integrate AI with human pentesters and more than a decade of proprietary pentesting intelligence to accelerate the speed, scale, and depth of offensive security programs.
Attackers are increasingly using AI to automate reconnaissance, vulnerability discovery, and exploitation. At the same time, development practices are accelerating release velocity and expanding the attack surface across APIs, microservices, cloud infrastructure, and AI-powered applications. Security teams can no longer rely on periodic testing to understand their exposure; they must validate real-world risk continuously.
The Cobalt Platform enables organizations to move beyond point-in-time testing and adopt a programmatic approach to offensive security that continuously adapts to evolving environments. Using the largest dataset of real-world pentesting intelligence in the industry, it applies historical exploit intelligence to refine testing logic and ensure every engagement is smarter than the last.
New features and functionality include:
- Automated reconnaissance: The AI-powered platform autonomously maps the entire attack surface, from complex JavaScript routes to hidden shadow APIs and forgotten subdomains. This identifies every potential entry point and provides human testers with a high-fidelity roadmap from the start of every engagement.
- AI-powered vulnerability discovery: By combining automated scanning with AI-driven credential validation, the Cobalt Platform ensures exhaustive coverage of all form fields and CVEs, including critical vulnerabilities like those in Log4j and WordPress. This autonomously validates access and surface-level flaws to provide an immediate baseline of enterprise risk.
- Proprietary data enrichment: Every finding is enriched with context from public exploit feeds and over a decade of proprietary historical intelligence. By merging global threat data with a unique offensive security dataset, the Cobalt Platform provides the critical context needed to frame findings based on actual adversarial behavior.
- AI-driven deduplication and triage: An AI-driven triage engine automatically normalizes and deduplicates findings across all scanner outputs into a single, cohesive view. By distilling high-volume data into verified findings, the platform ensures pentesters are focused on creative attack scenarios that present the real risk to the business.
These enhancements build on additional AI capabilities released in Q4 2025, including AI-Powered Reporting and Insights. AI reporting automates vulnerability documentation, benchmarks results against aggregated security data, and provides natural-language access to product guidance. By combining an AI report writer, insights and benchmarking capabilities, and an AI documentation assistant, the Cobalt Platform accelerates report delivery, contextualizes findings with industry data, and helps security teams quickly understand and remediate risk.
With only a few clicks to scope and set up a pentest, the Cobalt Platform initiates testing automatically to ensure depth and quality before human experts engage. Because reconnaissance and scanning are now fully automated, pentesters spend 0% of their time on basic discovery and 100% of their time on high-value exploitation.
“AI is a powerful productivity tool, but a poor substitute for expertise,” said Sonali Shah, CEO of Cobalt. “After running thousands of pentests annually, analyzing millions of vulnerability signals, and refining our platform alongside a global community of elite pentesters, we’ve built one of the deepest datasets of real-world offensive security intelligence in the industry. By integrating AI across the entire testing lifecycle—from reconnaissance to remediation—we give our experts the bandwidth to think like real attackers. That’s how we deliver the frequency of automation with the depth of human-led adversarial testing.”
“While many continuous solutions rely solely on AI and scripts, the human validation provided at Cobalt is the key differentiator,” said Jon Cheuvront, Sr. Security Engineer, Gallagher. “By leveraging the company’s pentesting expertise, we move beyond the noise of raw data, allowing our team to focus on high-impact remediation rather than manual de-duplication.”
The Cobalt Platform also introduces compatibility with the Model Context Protocol (MCP), enabling AI assistants to securely interface with pentest data so security teams can query testing results, triage findings, and correlate risk through natural-language workflows.