The collaboration addresses a key challenge for startups: meeting the increasing security expectations of buyers without the extensive resources typically required for traditional penetration tests. Traditional human-led pen testing can be costly and take weeks to deliver results, often proving prohibitive for smaller companies.

Christina Cacioppo, CEO of Vanta, stated, “Startups are expected to meet the same security standards as large enterprises, but they often lack the resources to get there. With XBOW, we can bring ambitious companies the world’s best pen tester built into their security and compliance platform. By making expert-level testing more accessible, we’re helping companies of all sizes build and earn trust from day one.”

The integrated solution enables security teams to conduct AI-powered autonomous penetration tests, which XBOW claims can surface critical vulnerabilities more rapidly and comprehensively than human-only methods. This approach is designed to offer a more accurate view of infrastructure security at a reduced cost and time investment. Key aspects of the offering include:
* Quality: Automated tests are designed by security researchers.
* Value: Helps meet buyer security expectations without requiring expensive external consultants or lengthy wait times.
* Convenience: Tests can be launched and completed within Vanta’s platform, integrating into existing security and compliance workflows.

Customers on Vanta’s Plus and Growth plans will receive one penetration test annually as part of their subscription, subject to coverage limits. The autonomous pen testing feature is scheduled for a closed preview at the end of August, with general availability planned for later in the year.

Oege de Moor, CEO and founder of XBOW, commented, “Security should be accessible without sacrificing rigor. By bringing autonomous penetration testing into the Vanta platform, we’re giving startups the ability to meet the highest standards of security with speed and confidence.”

This partnership aligns with Vanta’s broader objective to help businesses establish and demonstrate trust. Vanta’s platform already provides end-to-end user access management, personnel security training workflows, and AI-powered vendor risk management. To further support customer trust, Vanta offers a public Trust Center and AI-powered Questionnaire Automation, providing buyers with real-time insights into a company’s security posture. The addition of XBOW’s penetration testing capabilities aims to allow startups to continuously validate their security posture, which can facilitate business deals and growth.

Both Vanta and XBOW are scheduled to be present at Black Hat 2025.

Vanta, founded in 2018, is an AI-powered trust management platform that serves over 12,000 companies across 58 countries from offices in Dublin, London, New York, San Francisco, and Sydney. XBOW is an AI-powered penetration testing platform that focuses on scaling offensive security, capable of delivering human-level security testing at machine speed. It was founded by creators of GitHub Copilot and is backed by Sequoia and Altimeter.