The cybersecurity industry is facing a new reality: traditional vulnerability management is no longer enough. As enterprises rapidly deploy AI-powered applications, autonomous agents, and large language model (LLM) infrastructure, security teams are finding that many of the most dangerous exposures cannot be identified through conventional CVE-based scanning alone. Instead, organizations are increasingly grappling with misconfigured AI services, open machine learning infrastructure, and interconnected systems that create entirely new avenues of attack.
Against this backdrop, CyCognito extends its exposure management platform with continuous AI testing capabilities designed to uncover complex, contextual risks that deterministic scanners often miss. The initiative reflects a broader shift across the industry in which security leaders are moving beyond identifying known vulnerabilities to continually examining how attackers can exploit an organization’s unique environment.
Artificial intelligence creates new blind spots
The rapid adoption of generative AI has dramatically expanded enterprise attack surfaces. Organizations are placed AI co-pilotssearch augmented generation (RAG) systems, Model Context Protocol (MCP) servers, orchestration platforms, and machine learning infrastructure can inventory them faster than many security applications.
Unlike traditional software vulnerabilities, these systems are often vulnerable to configuration errors, excessive privileges, or unexpected exposure between interconnected services. Such vulnerabilities may not have a CVE assigned to them, but they can still provide attackers with direct access to sensitive business data.
💜 of EU technology
The latest rumblings from the EU tech scene, a story from our wise founder Boris and some questionable AI art. Free in your inbox every week. Register now!
According to CyCognito, its platform now identifies more than 60 AI-related technologies, including MCP servers, Ollama, MLflow, PyTorch, Triton, n8n and other components used in enterprise AI applications.
From Detection to Simulated Attacks
Instead of stopping at asset detection, CyCognito’s latest capability uses artificial intelligence agents to simulate how an attacker would move through an organization’s open infrastructure.
Instead of asking whether a vulnerability exists, the system assesses whether a sequence of actions could realistically compromise sensitive systems or expose valuable information. These attack chains combine contextual reasoning, environmental awareness, and multi-step testing that goes far beyond traditional vulnerability scanning.
An original technical deep dive on the company’s recent release continuous AI pentesting it explains how AI agents prioritize testing using contextual intelligence gathered across an organization’s external attack surface, enabling security teams to focus on validated business risk rather than isolated technical findings.
Real-World Findings Highlight Emerging Risks
CyCognito has shared several examples that illustrate the types of exposures that continuous AI testing can identify.
In one case, an outsourced MCP server provided an unproven natural language interface connected to a production CRM environment. By following the sequence emergency injections and interacting with the API, AI agents were able to enumerate backend services and ultimately access millions of customer and financial records without credentials.
Another task revealed a publicly available database supporting RAG deployment. While the authentication protected the AI ​​agent itself, the underlying document repository was publicly accessible, exposing internal documents, contracts, communications, and customer data.
Perhaps most notable was the discovery of an internet-facing physical security platform responsible for managing building access control, surveillance cameras and badge readers. The system is deployed alongside customer-facing AI services without proper segmentation, demonstrating how digital transformation initiatives can inadvertently extend risk to operational technology.
None of these scenarios are based on exploiting a known software vulnerability. Instead, they were driven by architectural decisions, deployment practices, and business context that conventional scanners would likely miss.
Why Continuous Testing is Important
Traditional penetration testing remains an important security practice, but its timely nature limits its effectiveness against daily changing environments.
While AI has accelerated attack testing, many organizations still perform AI-powered assessments as periodic tasks due to the computational cost. According to CyCognito, this often limits deep testing to only the highest priority assets, leaving much of the external attack surface largely untested.
To solve this problem, the company developed what it calls the Target Graphâ„¢, an orchestration layer that combines exposure assessment, threat intelligence, deterministic assessment and business context to determine where AI agents should spend their computational efforts.
This approach allows AI testing to continuously adjust its depth and techniques based on newly discovered assets, changes in the environment, and emerging threat activity.
An additional advantage comes from the system’s feedback loop. Attack techniques successfully validated by AI agents can then be translated into deterministic tests, reducing future computational requirements while extending automated coverage.
Broader Industrial Transition
The emergence of local infrastructure with artificial intelligence is changing the way organizations think about managing externalities. As enterprise environments become increasingly dynamic, security programs are shifting from identifying isolated vulnerabilities to continuously assessing how systems interact and whether those interactions create exploitable pathways.
CyCognito’s recent announcement reflects this evolution. Rather than viewing penetration testing as a random validation exercise, the company envisions AI-driven continuous testing becoming an ever-active component of exposure management.
The initiative, known internally as Project Kineto, is inspired by the transition from continuous photography to moving images, a metaphor for replacing periodic security snapshots with continuous visibility into evolving attack surfaces.
As the adoption of AI in enterprises accelerates, the industry’s challenge may no longer be to find known vulnerabilities, but to understand how countless small risks add up to a meaningful business risk. Continuous AI pentesting represents an emerging approach to solving this problem.
