When a CISO tells the board “we tested that system last quarter,” it sounds reassuring. But in today’s threat landscape, it’s a measurement that no longer maps to reality.
Recent industry research shows that while 95% of organizations prioritize penetration testing, only 32% of their attack surface is actually tested. The problem isn’t that penetration testing is broken. It’s that the word “tested” no longer means what organizations think it does.
CEO and Co-Founder, Synack.
Penetration testing used to involve a small team of humans spending a limited amount of time in a system – mapping what they could reach, identifying vulnerabilities within that window, and compiling results into a static report.
That model was already under pressure from the pace of change. Then AI broke it.
“Tested” simply isn’t pulling its weight anymore.
Agentic AI is rewriting the rules
For more than a decade, automation was the advantage. Mass scanners and automated reconnaissance ran constantly, but they were noisy and required security teams to sift through the output. Defense was slower, but more precise where it mattered.
Humans could chain findings, understand business context, and stay one step ahead of attackers. The economics weren’t always favorable, but they were workable.
That trade has now broken down. Agentic AI is compressing reconnaissance from days to hours. These frontier models reason about endpoints that aren’t visible in the UI, and they can chain low-impact findings into business-logic exploits. The time between a CVE’s public disclosure and the first observed threat-actor exploitation has collapsed to a matter of hours.
That isn’t a faster scanner. It’s a creative attacker that never sleeps, never gets bored, and runs at the cost of compute.
Now consider what an annual pentest actually buys you against that threat. It’s a snapshot of an attack surface that’s changing by the hour, against an adversary that doesn’t wait for the next audit. Your board doesn’t know that. Your auditors don’t know that. And it is increasingly the structural reason why organizations get breached between audits.
What “tested” needs to mean now
The only way defenders can win is by fighting AI with AI. The next evolution of the penetration test must include agentic AI on the defense side. Here’s what that looks like.
“Tested” stops being a calendar event and becomes a posture – continuous validation against the latest exploit techniques, on the assets that actually matter, with humans focused on the findings only humans can produce.
The test needs to explain what’s exploited and confirmed. A scanner can tell you a vulnerability might exist; agentic AI can tell you whether it actually fires in your environment.
That distinction, at scale, is the difference between a six-figure ticket queue your team will never burn down and a short list of things that will kill you next Tuesday. We have found that roughly 40% of the vulnerabilities we find are critical or high. The signal is there. Most teams just can’t get to it fast enough.
And it stops being a humans-or-machines argument. It is both, and they’re deployed differently. AI handles the breadth, the speed, the chained reasoning attackers are already running against you.
Humans handle the creativity, the business logic, the things an algorithm has yet to model. Customers running this combined model cut average remediation time on critical vulnerabilities from 63 days to 38 in a single year, a 47% reduction across severity levels.
That doesn’t happen because they bought more tooling. It happens because their definition of “tested” became continuous.
The talent question, reframed
The cybersecurity skills gap is real, but the issue isn’t a shortage of practitioners. It’s a lack of senior judgment, applied where it matters. Much of the work consuming our industry’s most experienced researchers is reconnaissance, triage, retesting, and sifting scanner output. That is the exact work agentic AI is now good enough to take on.
Redefining “tested” frees that talent. It puts senior researchers back on the problems machines can’t solve: novel attack paths and business-logic abuse – the chains that a creative human spots and a model can’t reason its way to. While the UK government has set out a vision for defensive AI that operates at machine speed, the talent piece of that vision only works if we stop asking humans to do machine-speed work.
What I’d ask a CISO today
Pick the system in your environment that, if compromised, would put you on the front page. Now answer this: when was it last exploited under controlled conditions – not scanned, not reviewed – but actually attacked and confirmed?
If the answer is “in our last annual pentest,” the word “tested” in your security program has stopped meaning what you need it to mean. Fix the word, and the rest of the program has a chance to follow.
This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.