Agentic AI for Pentesting

Agentic AI refers to autonomous systems designed to take initiative and achieve complex security goals with minimal human intervention. Unlike static scanners, agentic AI like Sara uses specialized agents to validate vulnerabilities by emulating real attacker behavior—executing, prioritizing, or abandoning actions based on real-time analysis of the target’s responses.

While a vulnerability scan identifies potential risks from a known list, AI pentesting (like Sara Triage) goes further by actively adjudicating findings to determine if they are truly exploitable. Sara automates the testing phase, allowing vulnerabilities to be identified much faster than manual human testing, while still maintaining human review at the end for final validation.

Synack uses GCP Vertex AI to leverage Google Gemini (to summarize scoping information in the Synack Assessment Creation Wizard) and Anthropic Claude (for Sara services).

No. The underlying LLMs used to power Sara and other AI features and services do not retain or train on any Synack customer data. Synack maintains full control over where data is processed and stored at rest.

No, Synack does not use customer data for training AI features or services at this time.

Sara operates within a Layered Validation Architecture to ensure all actions stay within approved scopes. Some key safety functions include:

• Destructive Command Blocking: The filter proactively identifies and drops commands across nine infrastructure categories that could cause service disruption, such as mass deletion of databases or virtual machines.
• Strict Scope Enforcement: Sara is technically bounded to stay within your approved IP ranges and web applications, with built-in processes that prevent unauthorized lateral movement.
• Rules of Engagement (RoE) Compliance: The system automatically enforces a strict RoE that prohibits intentional Denial of Service (DoS) testing, password brute-forcing, uncontrolled post-exploitation activities, or interaction with third-party services.

Currently, bypassing Captcha remains a challenge as it is specifically designed to detect bots; testing is best performed on targets without it. Support for MFA (Multi-Factor Authentication) and OTP (One-Time Passwords) is not available now, but is on the roadmap.

Sara tests for a wide range of web and host vulnerabilities, including but not limited to:

• Web: SQL Injection (SQLi), Cross-Site Scripting (XSS), IDOR, SSRF, and Command Injection.
• Host: Weaknesses in protocols like SSH, FTP, SMTP, and SMB, including known exploits like EternalBlue.
• CVE-Based: Mapping and validating specific vulnerabilities against the latest intelligence sources.

In addition to open source vulnerability intelligence, Synack sources vulnerability intelligence from a third-party provider, ensuring the agent has the necessary context for the latest Proof of Concepts (POCs) and CVE information. Performance is further maintained by testing agents against internal benchmarks to prevent “drift” when underlying LLM models are updated.

Currently Sara can only test external web and host assets. Testing of internal assets is on the roadmap.