Aptori launches autonomous offensive testing

Aptori said April 26 it added autonomous offensive testing to its Runtime-Driven Validation Platform, sending AI agents to probe running applications and application programming interfaces, or APIs. (prnewswire.com) In plain terms, offensive testing means acting like an attacker to see whether a bug can actually be used, not just whether a scanner can flag it in code. Aptori said its new agents simulate real attack paths in runtime environments. (prnewswire.com) (aptori.com) The company said the product combines artificial intelligence code analysis, dynamic and API testing, and a unified data layer that pulls together findings from code, dependencies, APIs, and runtime systems. It said the platform is available immediately in software-as-a-service and self-hosted versions. (prnewswire.com) Aptori framed the launch around a problem many security teams now describe: AI-assisted coding is increasing software output faster than humans can review it. The company said older tools generate long lists of possible flaws but do not confirm which ones are exploitable. (prnewswire.com) (helpnetsecurity.com) That distinction matters in application security because a confirmed flaw in a live service is a smaller, more actionable target than hundreds of theoretical alerts. Aptori said its agents are designed to find business-logic and authorization problems that conventional automated tools often miss. (prnewswire.com) (aptori.com) The company has been building toward that pitch for months. In September 2025, Aptori launched an AI Triage product it said could narrow large vulnerability queues to exploitable issues, and in April 2026 it said it won three Global InfoSec Awards at RSA Conference. (tmcnet.com) (aptori.com) Aptori’s own product materials describe the system as an “AI Security Engineer” that fits into software development workflows and keeps testing new endpoints as code changes. That puts the company in the part of the security market trying to move from periodic penetration tests to continuous validation. (docs.aptori.dev) (aptori.com) The launch does not include customer counts, pricing, or third-party test results. For now, Aptori is asking buyers to trust that proving exploitability in runtime will cut through the backlog that AI-generated code is creating. (prnewswire.com)