← All insights
AI & Economics June 8, 2026 6 min read

Human-Led, AI-Amplified: What It Actually Means (and What "AI Pentesting" Gets Wrong)

By Bill Terwilliger

Walk any security trade show floor right now and you will trip over the phrase “AI-powered penetration testing.” It is on every booth. It means almost nothing, because it is being used to describe two opposite things: tools that replace human testers, and teams that use AI to do better human testing. Those are not the same product, and the difference determines whether you find the vulnerability that matters or get a prettier scan report.

Here is how we think about it, and why we land where we do.

The two ways to put AI in a penetration test

Replacement. Point an autonomous system at a target and let it find and report issues with no human in the loop. The pitch is speed and price, and on those terms it delivers. The problem is what it cannot do, which is most of what a real attacker does.

Amplification. Keep senior humans in charge of the engagement and give them AI to handle the parts of the work that do not require judgment. The testers go faster and cover more ground, but a person still decides what to attack, performs the exploitation, and validates every finding.

We build the second kind. Not out of nostalgia for manual work, but because the first kind misses the vulnerabilities that cause breaches.

What AI is genuinely good at

We are not AI skeptics. Our own tooling runs on it, and it earns its place:

  • Breadth. AI works your entire attack surface in parallel, faster and more thoroughly than a human enumerating by hand. Nothing falls off the list because someone ran out of hours.
  • Triage. It sorts the signal from the noise in scanner and recon output, so our engineers start the day looking at leads worth chasing instead of a thousand low-value alerts.
  • Speed on the rote work. Reconnaissance, fingerprinting, first-pass documentation: the necessary but unglamorous hours that used to eat into an engagement.

That is real leverage. It is why we can offer more coverage, or a lower price, than a labor-only model.

What AI is still bad at (and attackers exploit)

Then there is the work AI cannot do, which happens to be the work that finds the serious flaws:

  • Business logic. A machine does not understand that your “transfer funds” endpoint should check whether the account belongs to the logged-in user. It has no model of what your application is for, so it cannot recognize when the application does something it should not. Authorization flaws, privilege escalation through legitimate features, multi-step abuse of normal functionality: these are invisible to a scanner and obvious to a skilled human.
  • Chaining. Real attacks are rarely one vulnerability. They are a low-severity information leak that reveals an internal hostname, that exposes a forgotten service, that accepts default credentials, that grants a foothold. Stringing those together into a path to your crown jewels takes a creative human who can hold the whole picture.
  • Judgment about impact. “Is this exploitable in practice, against this environment, in a way that matters to this business?” is a judgment call. Tools flag possibilities. Humans prove consequences.

An AI-only test is strong exactly where automated scanners were always strong, and blind exactly where they were always blind. The marketing changed. The blind spot did not.

Why the combination beats either alone

Put the two together correctly and you get something neither delivers on its own.

The AI handles breadth and speed, so no part of your attack surface goes untested for lack of time, and your senior engineers are not burning their best hours on reconnaissance. Those engineers then spend their time where only humans can: exploiting business logic, chaining findings into real attack paths, and proving impact. Every finding that reaches your report was validated and exploited by a person, so you get proof rather than a probability score.

That is the whole model in one sentence: the reach of automation with the judgment of senior humans, in a single engagement. More found, found faster, and nothing important missed.

How to tell which kind you are buying

When a vendor says “AI-powered,” ask: who validates the findings? If the answer is “the platform,” you are buying replacement, and you should price it like the scan it is. If the answer is “a senior engineer, every finding,” you are buying amplification.

Then ask the question that really separates them: can you walk me through a business-logic flaw you found that a scanner would have missed? A human-led team has a dozen stories. An AI-only product changes the subject.

Scanners cannot replace expertise. The firms worth hiring use AI to amplify it. That is the line we test on, and it is the line you should buy on.

Want to see what human-led, AI-amplified testing surfaces in your environment? Book an assessment.

Get started

Find out what others missed.

A penetration test costs a fraction of a breach. Spend a few days finding the flaw, not millions recovering from it.

Book an Assessment Explore Services