Xint Pulse offers on-demand black-box penetration testing for web applications
Xint.io has launched Xint Pulse, a black-box autonomous penetration testing tool that provides product security teams with on-demand security assessments of their applications. Unlike the company’s enterprise platform, which is designed for continuous testing, Xint Pulse is intended for timely, one-off penetration tests.
But with Xint Pulse, organizations of all sizes, from startups to large enterprises, can now perform a scan of their applications with the same Xint technology that was named Best Automated Pentesting Platform by The Hacker News in June of 2026 and found high-severity (7.0+ CVSS score) vulnerabilities in the software trusted by billions (such as Linux, Android, iOS, PostgreSQL, Redis, and MariaDB), outperforming even the latest models from frontier labs.
Xint Pulse uses LLMs combined with a proprietary orchestration engine to identify, reproduce, validate and understand critical security vulnerabilities in web application code. It can analyze millions of lines of source code, configuration files and binaries in less than 12 hours at the same depth and detail as a human penetration tester.
At $3,000 per application scan, Xint Pulse is ideal for one-time tests on applications for use cases such as compliance submissions, vendor assessments, pre-release validation, or for small organizations that cannot afford a full, human-led pentest.
“When we launched Xint Enterprise late last year, we successfully demonstrated that we could take the expertise of the most decorated white hat hackers and turn it into the most complete autonomous application security for both black box and white box,” said Jeffrey Martin, Vice President of Product at Xint.io. “With the launch of Pulse we made these powerful capabilities accessible to all size organizations with no compromise on the quality of findings or depth of scanning.”
Xint Pulse currently focuses on black-box testing, that is, an organization provides the URL for its web-based applications and then Xint’s autonomous AI agents probe for intrusion feasibility the way a real attacker would using context to assess the attack paths with the most valuable payoffs. With Xint Pulse, organizations can scan one application and retest up to 3 times inside a 30-day period for $3,000 per application.
Teams then receive a compliance-ready report providing severity scores for each possible vulnerability, full trigger conditions for the exploit, exploit impact so that security teams can spend time and effort on remediating the important results, and suggested remediations to accelerate fixes. With these outputs, customers have been able to create proof-of-concepts (PoCs) for findings in 15 minutes or less and patch the bugs in less than 30 minutes.
Before the end of the year Xint Pulse will also launch white-box testing so that product security teams can upload their source code and scan it line-by-line to find the root cause of vulnerabilities at the code level.