scroll it

Synack expands continuous security testing with Attack Surface Discovery and AI/LLM pentesting

0% read

REDWOOD CITY, Calif., Feb. 29, 2024 — Synack, the premier security testing platform, has announced a continuous Attack Surface Discovery offering and scalable AI penetration testing to help overtaxed security teams stay ahead of evolving threats. 

Just 9% of organizations report they monitor their whole attack surface, and the advent of AI-enabled cyberthreats is exposing additional gaps in defenders’ visibility.

Synack’s Attack Surface Discovery allows enterprises to not only reveal their external attack surfaces but also make that data actionable, pairing continuous discovery with comprehensive Pentesting as a Service (PTaaS). Key benefits include: 

  • Continuous discovery of new assets as testing candidates
  • Insights that inventory and fingerprint all discovered and tested assets
  • Tailored user permissions via role-based access controls to groups of assets
  • Continuous testing through a single platform, powered by the Synack Red Team of 1,500-plus trusted security researchers
  • Vulnerability triage, re-testing and root cause analysis backed by best-in-class engineering and customer support

Continuous Security Testing chart that details a cycle of attack surface discovery and visibility, to asset insights to identify high impact testing targets, to testing coverage and cadence aligned with importance and rate of change, to vulnerability triage and report, to vulnerability root cause analysis, back to discovery.

“Security teams are still struggling to understand their attack surfaces and act on that data to improve their security posture,” said Dr. Mark Kuhr, Synack CTO and co-founder. “Our PTaaS with integrated Attack Surface Discovery gives organizations a fighting chance against attackers.” 

As threats have morphed, so has Synack: The speed of modern software development has reinforced the need for organizations to constantly scan for new vulnerabilities, including in AI and large language model (LLM) applications. In the U.S. federal sector, agencies have adopted 1,200 current and planned AI use cases even as they “can’t effectively address AI risks,” the Government Accountability Office noted in a recent report. 

The expertise on the Synack Red Team extends to generative AI technologies that have added to the complexity of modern enterprise attack surfaces. Synack has introduced an offering to test the latest generation of AI/LLM applications in alignment with the OWASP LLM Top 10.

To find out more about how Synack can mitigate fast-moving attack surface risks, please visit