Sprocket Security Unveils Apex AI for Enhanced Penetration Testing

Sprocket Security has launched Apex, its first AI penetration testing agent, designed to enhance vulnerability discovery in web applications. Apex conducts autonomous, context-aware testing, identifying exploitable vulnerabilities at machine speed. The agent integrates with Sprocket's attack surface management platform, utilizing historical data from continuous penetration tests since 2018. Human testers supervise Apex to validate findings, ensuring security teams can prioritize responses effectively. Apex targets the OWASP Top 10 vulnerabilities and generates Attack Narratives for each test run. The service operates under a SOC 2 environment with a zero-data-retention policy, ensuring customer data is not used for model training. Additional AI agents are scheduled for release later in 2026. This launch represents a significant advancement in continuous penetration testing methodologies.

Key Points: • Apex is Sprocket Security's first AI penetration testing agent, enhancing vulnerability discovery. • The agent operates autonomously, supervised by human testers to validate findings. • Apex targets OWASP Top 10 vulnerabilities and generates detailed Attack Narratives.