ChannelLife UK - Industry insider news for technology resellers
United Kingdom
Intruder launches AI pentesting for web apps on demand

Intruder launches AI pentesting for web apps on demand

Fri, 17th Jul 2026 (Yesterday)
Sean Mitchell
SEAN MITCHELL Publisher

Intruder has launched an AI pentesting service for web applications, adding on-demand penetration testing to its security platform.

The service lets customers connect source code repositories through GitHub or GitLab so tests can be scoped and started automatically. Results and audit-ready reports are produced within hours, rather than the weeks or months often associated with manual engagements.

The launch builds on Intruder's earlier use of AI for issue-level investigations, where autonomous agents validated scanner findings. With the new release, the company is moving into full-scale white-box testing, using access to a codebase to search for weaknesses across an application.

Intruder says the system was built and trained by CREST-certified pentesters and is intended to mirror how experienced human testers work. The agents reason through applications and adapt their approach as they test.

Cost pressure

Pricing starts at USD $3,500 per test. According to Intruder, automated web application tests cost 25% or less of a traditional manual engagement.

That pricing is aimed in part at smaller businesses that may struggle to pay for frequent manual pentests. Existing customers can view web application pentest findings alongside attack surface, cloud, and vulnerability data in the same platform.

The move comes as security teams face pressure to review software released more frequently by engineering groups using AI coding tools. Intruder cited its own survey of security leaders, which found that 49% named AI and automation as their top investment priority for 2026.

Intruder argues that annual pentests no longer match software release cycles in many businesses, where major deployments may happen weekly. It also points to a shrinking window between the disclosure of vulnerabilities and their exploitation by attackers.

The service is designed for security, IT, and development teams that want more regular application testing without the scheduling overhead of conventional pentest projects. Reports generated by the service can be used as evidence for compliance frameworks including SOC 2 and ISO 27001.

Andy Hornegold, Chief Security Technologist at Intruder, said the launch reflects the company's long-standing aim to broaden access to security testing.

"Our mission at Intruder has always been to make robust cybersecurity accessible to everyone," said Andy Hornegold, Chief Security Technologist at Intruder. "Providing web application testing marks an exciting step on that journey. By delivering the depth of a pentest on demand and at a fraction of the price, we're helping businesses keep up with an accelerating threat environment."

Broader shift

The launch comes as suppliers across the market try to use AI to automate more of the work traditionally carried out by security consultants. Intruder pointed to recent industry attention on AI systems that can identify software flaws, while warning that attackers are using similar tools to speed up offensive activity.

For customers, the main operational change is the ability to run tests more often and closer to release cycles. Rather than commissioning a one-off annual review, organisations could use automated pentesting as part of routine software delivery.

Chris Wallis, Chief Executive Officer and Founder of Intruder, framed the argument around time and budget constraints for smaller organisations.

"Historically, the cost of a pentest has been very high and has taken a long time," said Chris Wallis, Chief Executive Officer and Founder of Intruder. "In today's accelerated threat environment, that timeline and cost don't hold up. We're ensuring that resource-constrained small and medium-sized businesses aren't excluded from good security purely based on budget."

One customer cited by Intruder said the appeal lies in filling the gap between formal annual assessments. Yembo, which continues to use human pentesters, said more continuous testing is needed to reduce exposure between scheduled reviews.

"Securing a global AI platform requires continuous defense," said Zach Rattner, Chief Technology Officer and Co-Founder of Yembo. "While Yembo continues to leverage human pentesters, annual assessments alone leave dangerous windows of exposure. Intruder's AI pentesting bridges that gap by delivering human-grade depth at machine speed to keep our platform permanently hardened."