The next evolution of the penetration test must include agentic AI (www.techradar.com)

The evolution of penetration testing is being reshaped by the emergence of agentic AI, which significantly challenges the traditional notion of what it means to be "tested." While 95% of organizations prioritize penetration testing, only 32% of their attack surface is rigorously tested, leading to a disconnect between perceived security and actual vulnerabilities. The slow, manual processes of human-led testing are no longer sufficient in a landscape where adversaries leverage AI for rapid and creative exploitation, reducing the time for potential attacks to just hours after a vulnerability is disclosed. To address this issue, the next generation of penetration testing must integrate agentic AI on the defensive side, transforming testing from a scheduled event into a continuous validation posture. This approach leverages AI's capability for extensive and rapid analysis, allowing human experts to focus on complex, creative problem-solving. Organizations that adopt this combined methodology have seen significant reductions in remediation time for critical vulnerabilities, refocusing talent where it can be most effective. By redefining what "tested" means, organizations can enhance their security postures in a landscape where threats evolve rapidly.