MADISON, Wis., June 30, 2026 /PRNewswire/ — Sprocket Security, a continuous penetration testing platform, has launched Apex, its first AI penetration testing agent, to accelerate vulnerability discovery in web applications. Apex performs autonomous, context-aware, unauthenticated web application testing, surfacing exploitable vulnerabilities at machine speed. Apex is wired into the attack surface management platform Sprocket has been building since 2018 to capture real-world offensive testing knowledge. Each customer’s assets, tech stack, complete testing history, and previous findings serve as context, allowing Apex to surface deep and complex vulnerabilities. Sprocket’s expert human testers supervise the fleet of agents and validate findings so security teams can prioritize their response.

Contextual Offensive Security: AI and human testers for speed and quality

• Apex reasons like a Sprocket pentester, forms a hypothesis, attempts exploitation to prove real impact, and re-tests every suspected issue before surfacing a finding.
• Apex operates with full customer context: drawing on each organization’s known web assets and complete findings history, eliminating duplicates and automatically flagging regressions if a remediated vulnerability reappears. Testing compounds. Each run builds on the last and calibrates severity to your environment.
• A Sprocket pentester then reviews and validates each result before it is published, so every Apex finding clears two checks before reaching a customer’s dashboard.

“Apex is built on everything Sprocket has learned running continuous penetration tests since 2018,” said Casey Cammilleri, Founder and CEO of Sprocket Security. “That history is the context that makes this agent good: every asset, test, and finding captured on our platform. Apex runs autonomously and our team supervises every result, so what reaches a customer is real, prioritized, and ready to act on.”

Apex Tests for Real Impact

Apex tests against the OWASP Top 10 categories and beyond, chaining smaller weaknesses into attack paths that demonstrate real, exploitable impact rather than theoretical risk. Apex writes an Attack Narrative for every run that documents what was tested, whether or not it produced a finding.

Apex runs inside Sprocket’s SOC 2 environment under a zero-data-retention policy, on a model-agnostic harness built to adopt the best available models over time; customer data is never used to train models.

Full technical detail is available in the Apex overview. Additional AI agents are planned for release throughout 2026.

About Sprocket Security

Sprocket Security provides a technology-powered continuous penetration testing platform. Named in GigaOm and Gartner reports this year, Sprocket continuously monitors customer environments and triggers hybrid testing based on each customer’s dynamic attack surface and emerging threats. Unlike legacy penetration testing, Sprocket’s continuous approach delivers real-time insights and adaptive security, giving organizations a security posture that reflects today, not their last test.

Media Contact
Sprocket Security
Marketing Department
+1(608)260-7909
marketing@sprocketsecurity.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/sprocket-security-launches-apex-an-ai-penetration-testing-agent-for-continuous-human-supervised-testing-at-machine-speed-302814899.html

SOURCE Sprocket Security