Cobalt, a provider of penetration testing as a service (PTaaS) and offensive security services, has announced new human-led, AI-powered enhancements to its Cobalt Offensive Security Platform, aiming to improve capabilities for its pentesting community and customers.

The enhancements integrate automated intelligence with human expertise, designed to help organizations maintain their defensive posture against complex and evolving cyber threats. Cobalt’s strategy involves a human-led, AI-powered methodology to optimize traditional pentesting workflows, offering streamlined data enrichment, remediation guidance, and improved efficiency.

The new capabilities introduced include AI-Powered Scoping, which prioritizes assets and identifies pentest needs, and an AI Pentest Assistant, which summarizes prior findings and suggests actions. Additionally, the platform now features AI-Driven Insights and Benchmarking for industry peer comparisons, and an AI Assistant for Findings and Reports to draft text for specific sections. An AI-Powered Reconnaissance tool, aimed at accelerating the initial phase of pentests, is scheduled for release in Q4 2025.

Tyler Shields, a security analyst at Enterprise Strategy Group, commented on the development, stating, “Augmenting offensive experts and penetration testers with AI tools is a transformative way to simultaneously scale this expertise and have AI learn and build trust over time.”

Gunter Ollmann, CTO at Cobalt, emphasized the role of AI in supporting human experts. “As threats become more complex and attackers leverage AI, we must evolve our defenses in kind,” Ollmann said. “Human pentesters are most effective when uncovering real-world risks. By arming them with tools that match the speed and sophistication of modern threats, we’re not replacing pentesters with AI; we’re opening doors to a whole new level of creative liberty, accuracy, and focus. This helps organizations identify risks sooner, resolve issues faster, and keep innovation moving, resulting in stronger security, reduced operational drag, and greater confidence to innovate at scale.”

These initial AI enhancements from Cobalt aim to address the challenge of data volume in cybersecurity that can obscure genuine threats. Cobalt’s AI models are trained on over a decade of real pentesting data, rather than synthetic data or bug bounties, providing a dataset in the industry. By automating reconnaissance tasks, Cobalt enables penetration testers to concentrate on identifying sophisticated attack vectors and developing exploits to strengthen customer defenses.

Cobalt specializes in penetration testing as a service (PTaaS) and human-led, AI-powered offensive security services, focusing on combining talent and technology. The Cobalt Offensive Security Platform is utilized by thousands of customers and hundreds of partners, supported by over 450 security experts, to identify and address vulnerabilities. The company reports a Net Promoter Score (NPS) of 9.12.