Security testing stories

OpenAI agrees to buy Promptfoo, aiming to embed automated security testing and red-teaming tools directly into its Frontier AI coworker platform.

HackerOne warns AI rollouts are outpacing security, with 89% of organisations lacking full testing and incidents driving up costs.

Terra Security becomes first AWS partner validated for Autonomous Security Validation, as AI-driven continuous threat testing gains pace.

New research from Cobalt finds 98% of surveyed pentesters prefer PTaaS to bug bounties and show almost no faith in AI-only security scanning.

Archipelo and Checkmarx partner to fuse dev workflow signals with app security scans, giving teams origin evidence to prioritise fixes.

Cyber consultancy Reversec has named former Accenture executive Åse Holmberg Zetterlund as CEO to drive its next phase of global expansion.

F5 Labs launches monthly AI security leaderboards, ranking popular models on new indices of risk, resilience and cost under live attack.

Anthropic unveils Claude Code Security, an AI tool that scans codebases for complex bugs, verifies risks and suggests patches for developers.

Simbian launches an AI Pentest Agent that runs continuous, adaptive penetration tests, promising faster, context-aware vulnerability detection.

Asia-Pacific organisations hit steeper technical hurdles than global peers as they try to scale agentic AI from pilot projects to production.

Bitget and BlockSec launch a UEX Security Standard, urging provable, system-wide safeguards for unified multi-asset trading platforms.

Guardsquare snaps up Verimatrix's XTD tech, adding real-time mobile threat detection and response to its end-to-end app security platform.

AI security fears and rapid release cycles are pushing firms to demand faster, deeper pentesting - and many are ready to ditch existing vendors.

Veracode upgrades its Package Firewall and testing tools to block malicious software packages before they enter development pipelines.

HackerOne launches Agentic PTaaS, blending AI agents with human experts to deliver continuous, always-on penetration testing for enterprises.

AI-driven cloud adoption is forcing firms to swap static privacy checklists for continuous, real-time defence of sensitive data flows.

Radware acquires Pynt to add pre-production testing and deliver unified lifecycle API security from design through to runtime defence.

New UK cyber bill pushes critical sectors towards continuous offensive security testing as state-backed and criminal threats intensify.

GlobalLogic and Elektrobit are deepening their 15-year alliance to accelerate software-defined vehicles, safety, cyber security and HPC.

HackerOne unveils Good Faith AI Research Safe Harbor, giving security testers clearer authorisation and protection for probing AI systems.