Penetration testing stories

HackerOne warns AI rollouts are outpacing security, with 89% of organisations lacking full testing and incidents driving up costs.

Terra Security becomes first AWS partner validated for Autonomous Security Validation, as AI-driven continuous threat testing gains pace.

New research from Cobalt finds 98% of surveyed pentesters prefer PTaaS to bug bounties and show almost no faith in AI-only security scanning.

Agentic AI massively accelerates elite cyber teams but can slow inexperienced hackers, Hack The Box's large-scale benchmark reveals.

LevelBlue debuts Exposure Management for Partners with Tenable, giving MSSPs and MSPs tiered, unified exposure and risk visibility tools.

Cyber consultancy Reversec has named former Accenture executive Åse Holmberg Zetterlund as CEO to drive its next phase of global expansion.

Cybersecurity is missing vital human insight; drawing in women and non‑STEM talent could close both the threat and perspective gaps.

As cyber threats grow, more women are entering security roles, yet leadership remains male-dominated, risking lost talent and weaker defences.

LevelBlue launches Resilience Retainer, a flexible funds-based cyber incident response service with rapid SLAs and rollover security spend.

Homogeneous cybersecurity leadership is a critical, overlooked point of failure; true defence in depth demands diversity as a core control.

F5 Labs launches monthly AI security leaderboards, ranking popular models on new indices of risk, resilience and cost under live attack.

Security debt hits 82% of organisations as legacy flaws linger over a year, with third-party code driving most critical vulnerabilities.

Simbian launches an AI Pentest Agent that runs continuous, adaptive penetration tests, promising faster, context-aware vulnerability detection.

3DiVi unveils four-layer defence model to harden face authentication against deepfakes and spoofing as remote ID checks surge globally.

CompTIA unveils SecAI+ certification to equip cybersecurity professionals with AI security, risk management and governance skills.

Hackers are abandoning noisy ransomware to quietly steal data, as a report finds 80% of top attack techniques now focus on evasion.

Cyber firms warned over 'verification crisis' as tools flag floods of flaws but only 0.47% prove exploitable, leaving real risk unresolved.

Bitget and BlockSec launch a UEX Security Standard, urging provable, system-wide safeguards for unified multi-asset trading platforms.

SpecterOps has launched BloodHound Scentry, a managed identity risk service to find and remediate attack paths across complex environments.

Flare reports 114% annual growth among MSSPs as providers consolidate threat intelligence tools to boost services without extra analyst strain.