Multi-agent orchestration with human-in-the-loop oversight compresses full-scope pentest engagements from weeks to under 48 hours
PLANO, Texas, April 10, 2026 /PRNewswire/ -- Strobes, a leader in Exposure Management, today announced the launch of its proprietary AI Harness, a multi-agent orchestration engine that powers end-to-end AI Penetration Testing across cloud, web, API, and enterprise environments. The platform delivers full-scope engagements that historically consumed two to four weeks in under 48 hours, without sacrificing rigor, traceability, or oversight.
The problem: pentests are slow because of coordination, not technique
Penetration testing has been shaped less by the difficulty of the technical work than by the overhead around it: reconnaissance, enumeration, exploitation, evidence collection, peer review, and report writing, each handed off serially with idle time in between.
"Why does a pentest still take three weeks in 2026?" said Venu Rao, CEO & Co-founder at Strobes. "It's the coordination overhead, the context switching, and the serial nature of the process. Our AI Harness runs these workstreams in parallel, around the clock, delivering output on par with a senior pentester in a fraction of the time."
How it works: a supervisor, purpose-built agents, and parallel execution
A supervisor agent decomposes security objectives into discrete tasks and dispatches them to domain-specialized sub-agents:
- Cloud Pentesting Agent: AWS, Azure, GCP configuration review, IAM analysis, misconfiguration detection
- Web Pentesting Agent: OWASP Top 10, authentication flaws, business-logic testing
- API Pentesting Agent: REST and GraphQL discovery, authorization testing, injection checks
- Network Pentesting Agent: infrastructure reconnaissance and service-level testing
- Code Review Agent: SAST-aware triage of code-level findings
- Threat Intelligence & Compliance Agents: exploit enrichment, mapping to SOC 2, ISO 27001, PCI DSS
Agents run simultaneously and exchange findings through structured data. The harness runs on Strobes' own agent runtime built on best-in-class foundation models, including Anthropic Claude on AWS Bedrock, with guardrail middleware and persistent agent memory purpose-built for security operations.
The results
In internal benchmarks and early customer engagements the AI Harness has, in a single session:
- Coordinated scans across 128 cloud assets spanning three AWS regions
- Surfaced 47 critical findings within hours
- Generated remediation tickets automatically
- Produced a client-ready PDF report end-to-end
For full-scope web application pentests, the AI Harness consistently delivers complete engagements in under 48 hours.
Speed without losing control
Any action with real-world impact surfaces an approval card requiring explicit human authorization. Every engagement runs in a dedicated workspace recording agent reasoning, tool calls, and decision points. Customer data stays inside the customer's tenant boundary via a schema-per-tenant database model.
Closing the gap between discovery and action
Results flow directly into systems security teams already use:
- Ticketing: Jira, ServiceNow, GitHub Issues, Azure DevOps
- Reporting: client-ready PDF and CSV reports in the same session
- Compliance: automatic mapping to SOC 2, ISO 27001, PCI DSS
- ChatOps and SIEM: Slack, Teams, Splunk, Sentinel via webhook and API
About Strobes
Strobes is a leader in Exposure Management, unifying vulnerability management, AI Penetration Testing, and risk-based prioritization on a single platform. Trusted by security teams worldwide, Strobes helps organizations discover, assess, and remediate threats across their entire attack surface.
SOURCE Strobes Security
Recommended For You:
