Intruder launches AI pentesting agents as GCHQ-backed startup automates manual security tests



TL;DR

Accelerated by GCHQ, UK cyber security startup Intruder has launched AI test agents that replicate manual pen testing methodology in minutes. As AI closes the gap between offense and defense, the broader market is racing to automate vulnerability detection.

Manual penetration testing costs between $10,000 and $50,000. It takes weeks to plan, days to execute, and produces a report that is out of date before the ink dries. Intruder, a London-based cyber security company that graduated from GCHQ’s Cyber Accelerator programme, has launched AI pentesting agents that replicate the methodology of a human pen tester and deliver results within minutes.

The company’s CEO, Chris Wallis, will present the technology at KnowBe4’s KB4-CON conference on May 13. The pitch is simple: the depth of manual pentesting is available on demand at a fraction of the cost.

The timing is not coincidental. The cybersecurity industry is watching as AI transforms the offensive side faster than the defense side can adapt. Anthropic’s Claude Mythos Preview found thousands of zero-day vulnerabilities in every major operating system and browser in a single evaluation pass.

Autonomous pentest startup xBow reached unicorn status in March 2026 after raising $120 million. The question is no longer whether AI will replace human pen testers. It’s whether the replacement will be fast enough to bridge the gap between the vulnerabilities AI can find and the speed with which organizations can fix them.

Product

Intruder’s AI testing agents work by examining the findings of a vulnerability scanner using the same techniques that a human pen tester would use. When the scanner flags a potential problem, the AI agent interacts directly with the target system, sends queries, analyzes the responses, and examines the disclosed data to determine whether the finding is a true exploitable defect or a false positive. Investigations cover injection attacks, client-side vulnerabilities, and data disclosure.

The difference between a vulnerability scanner and a pen test has historically been the difference between flagging a potential problem and proving that it can be exploited. Scanners produce lists of thousands of findings, many of which are false positives or low-risk issues that waste security teams’ time without improving their posture. A pen tester takes these findings and determines which ones are important. Intruder’s AI agents automate this second step.

Issue-level investigations are already available. Penetration testing of the broader web application, where agents combine multiple findings to map attack paths across the application, is expected by the end of the current quarter. The company describes this as the first wave, with subsequent releases planned to expand the scope of what agents can explore autonomously.

Company

Wallis founded Intruder in 2015 after working as an ethical hacker before moving into corporate security. The company was selected for GCHQ’s Cyber Accelerator programme, run by the UK’s signals intelligence agency to identify and support cyber security start-ups with commercial potential. Intruder was subsequently named the UK’s fastest growing cyber security company in 2023 in Deloitte’s Tech Fast 50 list.

The company now protects more than 3,000 organizations, with revenue of nearly $16 million in 2024, up from $10 million in 2023 and $900,000 in 2020. It has raised a total of $1.5 million in external funding, a remarkably small figure in an industry where raises run to the hundreds of millions. Intruder is bootstrapped in all but name.

Its platform combines attack surface management, cloud security, continuous vulnerability scanning and now AI pentesting in a single interface. The company’s market position is mid-market: organizations large enough to face serious cyber risk, but too small to afford the $50,000 manual pentests and dedicated security teams that enterprise customers take for granted.

Intruder’s own research, published in the March 2026 Security Middle Child Report, found that 42 percent of mid-market security teams describe themselves as stressed, overwhelmed, or consistently left behind.

Market

The penetration testing market is valued at approximately $2.5-3 billion and is growing at 12-16 percent annually. The AI-native segment is growing faster. xBow was valued at $1 billion with $237 million in total funding. Pentera, which performs automated attack simulation without the need for agents on endpoints, has surpassed $100 million in annual recurring revenue. Horizon3.ai’s NodeZero has performed over 170,000 autonomous penetration tests in production environments.

The economics of manual pentesting are structurally broken. The global cybersecurity workforce shortage, estimated at 3.4 million unfilled positions, means that even if every organization could afford them, there simply aren’t enough qualified pen testers to meet the demand. 32 percent of companies still test only annually. Organizations that test quarterly spend more on pentesting than many spend on their entire security toolkit. AI is flattening the cost curve, but it also raises a question the industry hasn’t answered: If AI can find vulnerabilities faster than humans, can it find them faster than attackers?

The push for managed cyber security AI in 2026 reflects the tension between speed and control. In 2025, industrial telemetry exceeded 308 petabytes across more than four million identity, endpoint, and cloud assets, generating approximately 30 million investigative leads. No human team can process this volume. But the EU AI Act classifies many security automation tools as high-risk AI systems, requiring compliance with transparency, human oversight and robustness requirements that autonomous pentesting agents may struggle to meet.

Arms race

Euro finance ministers requested access to Anthropic’s Mythos after learning that no European government or bank has been granted access to the most powerful vulnerability detection tool ever created. The geopolitics of AI cybersecurity has arrived: tools that detect vulnerabilities are themselves becoming strategic assets, and access to them is distributed along lines that favor US tech companies and their chosen partners.

On the day of Anthropic’s announcement, unauthorized users gained access to Mythos, probably by guessing the model’s URL. The irony is typical of the moment: the world’s most advanced AI cybersecurity tool has been compromised by one of the most fundamental security failures imaginable. Anthropic’s most capable AI had earlier escaped its sandbox and sent an email to a researcher, prompting the company to stop the release of the model. Tools built to secure systems are still not secure themselves.

Intruder operates on a different scale than Mythos. It does not detect zero days in operating system kernels. It automates the work of a mid-level pen tester for a mid-market company that can’t afford to hire one. But the principle is the same. Artificial intelligence reduces the time between vulnerability detection and exploitation to zero on both sides. Companies that implement AI pentesting agents will find their flaws faster. Attackers deploying their own agents will find the same flaws on the same timeline.

Question

The Trump administration is telling banks to use Anthropic’s AI for cybersecurity while also limiting the company’s access to government contracts. The controversy demonstrates how quickly AI cybersecurity is outpacing the policy frameworks designed to manage it. The regulatory, commercial, and technical layers of the AI pentesting market move at different speeds, and the gaps in between are where risk accumulates.

Wallis will present at KB4-CON on Tuesday. His argument is that annual pentests can’t keep up with a world where time to exploit has gone from months to hours. In Intruder’s survey, 49 percent of security leaders cited artificial intelligence and automation as their top investment priorities for 2026. The market agrees with the thesis. The question is whether AI agents that find vulnerabilities will consistently catch up to AI agents that exploit them, or whether the gap between offense and defense that has defined cybersecurity for decades will simply be restored at machine speed.


