Ridge Security, a company specializing in AI-powered offensive security, has announced RidgeGen, an Agentic AI framework designed to advance security validation from automation to autonomy. The framework powers Ridge Security’s flagship product, RidgeBot, to provide intelligent, context-aware offensive security validation across IT, operational technology (OT), and AI infrastructure.

Lydia Zhang, President and co-Founder of Ridge Security, stated that “RidgeBot powered by RidgeGen helps our customers maintain a more confident and secure posture against breaches and ransomware attacks by reducing both false positives and false negatives in security.” Zhang added that the technology “allows security teams to expand security testing beyond 1-day exploits to uncover Zero Day vulnerabilities specific to their environment.”

RidgeGen integrates the contextual intelligence of Large Language Models (LLMs) with RidgeBot’s domain-specific knowledge to address complex exploit testing and produce precise testing results. The platform extends its coverage beyond website testing to include IT infrastructure elements such as hosts, networks, applications, APIs, and LLMs. Ridge Security presents this framework as a comprehensive offensive security solution developed for public and commercial application.

The RidgeGen framework was first demonstrated at a private event held in San Jose on September 25. The presentation highlighted the framework’s architecture as a multi-agent ecosystem, illustrating its capacity for collaborative reconnaissance, coordinated exploit chaining, and dynamic threat modeling. The event also showcased its ability to detect advanced threats, including JWT confusion attacks, which have previously affected numerous enterprises.

During the San Jose preview, Ridge Security disclosed the outcomes of the recent DEFCON 2025 Benchmark Bakeoff. RidgeBot achieved an 88% benchmark completion rate, exceeding other leading web security testing tools, which scored 38% and 82%. The platform also generated zero false positives and reduced false negatives significantly.

Charles Kolodgy, principal at Security Mindsets, noted the dynamic nature of cybersecurity, stating, “Ridge Security is providing the innovation that allows security teams to stay ahead of AI-powered threat actors.” He further explained that “RidgeGen seamlessly integrates specially trained AI into RidgeBot to improve precision discovery and protection capabilities without creating ghost alerts (false positives and negatives). Improving automation capabilities associated with CTEM allows human experts to concentrate on the most important events.”

Earlier this year, Ridge Security introduced RidgeBot 5.2, which incorporated an initial version of RidgeGen to deliver an advanced security service module driven by a specifically trained Generative AI (GenAI) small language model. The company indicates that RidgeGen enhances the efficiency and accuracy of security testing, addressing the increasing demands within the Continuous Threat Exposure Management (CTEM) market.

Ridge Security, based in Milpitas, California, focuses on developing cybersecurity products that leverage advanced artificial intelligence to improve the efficacy and efficiency of security validations for enterprise CISOs and security teams.