XBOW

Expert-level pentesting. On demand. Starting today. → Launch in minutes → Results in 5 days → Validated, reproducible, compliance-ready 🗓️ Live demo walkthrough tomorrow: xbow.com/pentest-webinar

Hackers already use AI. “The key about agentic AI systems is that they will actually amplify what we can do as humans, and that’s certainly true within cybersecurity.” Catch our Founder and CEO, @oegerikus, on @technology discussing how XBOW’s Series C funding enables us to scale at a time when the industry needs to fight AI attacks with AI-defense: bit.ly/4bAlf5u

@dfjgrowth is leading @Xbow 's $120M Series C to reinvent offensive security Agentic attackers are scaling fast. Anything that can be exploited will be exploited. Security and dev teams need testing that moves as fast as modern software development. XBOW is transforming penetration testing from a manual, episodic exercise into an autonomous, continuous security capability. Its AI routinely finds critical vulnerabilities overlooked by years of conventional testing. Few entrepreneurs have helped define the future of both AI software development and software security, but that's @oegerikus. A visionary and a powerhouse with a cult-like following, Oege built Semmle in code security and then led the creation of GitHub Copilot to kickstart the AI coding revolution. Hacker intelligence at machine speed

Technology proven ✅ Market fit proven ✅ Now it’s time to SCALE 🏹🚀 Together with @dfjgrowth and @northzoneVC, we just announced a $120M funding round, valuing XBOW at over $1B. Our Autonomous Hacker was trained by elite human security experts. In 2025, we proved it can safely and effectively operate in real production environments. Today, over 100 customers worldwide already trust XBOW to protect their most critical assets. As AI allows attackers to move faster, defenders need the same continuous speed and capabilities. This milestone allows us to bring autonomous offensive security to the entire industry at the exact moment it’s needed most. Read more: bit.ly/4lA033O

Meet the XBOW team at #RSAC2026. From autonomous penetration testing and exploit-validated findings to continuous attack surface discovery, we’re advancing offensive security at machine speed. Book time at our booth to see how proof-driven testing eliminates noise and measures real risk: bit.ly/4183yoQ Get to know our team 👇

1,060 autonomous attack chains later, the narrative still says “not possible.” The International AI Safety Report 2026 concludes that fully autonomous attacks are not here yet. The experiences of teams deploying real-world autonomous offense tell a different story. In our latest blog, we unpack where the industry’s model of AI offense diverges from what is already operational and what that shift means for defenders: bit.ly/4sjKrnN

If you’re thinking about how to adapt your cybersecurity strategy to AI-driven pressure, this conversation is for you. 🫵 At @OneRSAC, our CISO @nicowaisman will sit down with @Jhaddix of @arcanuminfosec and @openai’s @daveaitel to dive into the “Chaos Phase” - what it is, why it’s happening, and how security leaders should respond. Join the discussion: bit.ly/402mXXQ 📅 3/25 🕧 12pm – 2pm PST 🏢 Modi

“The vulnerability with the highest CVSS score in this month’s update is a critical remote code execution flaw in the Microsoft Devices Pricing Program. CVE-2026-21536 (CVSS score: 9.8), per Microsoft, has been fully mitigated [...] Artificial intelligence (AI)-powered autonomous vulnerability discovery platform XBOW has been credited with discovering and reporting the issue.” bit.ly/4s2u8vq

Is LLM-based code review enough? Although it’s an important security tool, it’s just one part of a full program. Why? Because there’s a mismatch between how LLMs reason and how vulnerabilities actually exist in the real world...that's not all. Read our blog to dig into this topic more: bit.ly/4qZxqPi

Pentesting doesn't start with hacking. It starts with a scoping call. Now XBOW takes one too. Feed it API specs, priorities, attack strategies – the same context you'd give a human pentester. It runs autonomously from there. One team described a known path traversal. XBOW chained it into RCE. Built by @ca0s_ , who spent years on the other side of those calls. Public Preview for Assessment Guidance is now live. bit.ly/47DIrOM

@bgigurtsis Hi Billy, thanks for reaching out. We’ve contacted your account owner, who will be in touch soon to provide support.

The XBOW autonomous offensive security platform tests the security of running applications. So does DAST. What's the difference? XBOW was built from the ground up for a world where developers and cyberattackers are fueled by AI. Explore the full side-by-side breakdown, how AI-driven pentesting builds on DAST, and what becomes possible next: bit.ly/3OTPdJS

JUST IN: XBOW has been named to the 2026 Cyber 150 by IT-Harvest! 🎉 AI Security led the number of vendors recognized this year, reflecting the industry’s shift toward using AI to strengthen teams, tools, and processes for greater cyber resilience. We’re proud to be recognized among the fastest-growing mid-size cybersecurity companies helping lead that charge. See the full list: bit.ly/4s9XMir

This International Women’s Day, and every day, we celebrate the women across our teams and communities whose work drives meaningful change. Your impact is seen, valued, and appreciated. In honor of #IWD2026 yesterday, our arbalists 🏹 are reflecting on the power of uplifting others, leading with generosity, and championing diverse perspectives to achieve stronger outcomes.

DAST vs. XBOW AI pentesting: what’s the real difference? Both test running applications, but they diverge in how they think, adapt, and validate vulnerabilities. Our latest blog breaks down the methodology and benchmark data behind each approach. ⬇️ Dive into the comparison: bit.ly/3OTPdJS

Boards are asking CISOs tougher questions as the gap between vulnerability and exploitation continues to narrow. XBOW was built for this reality: autonomous AI that continuously probes your environment and validates exploits before they reach your team. See it in action: xbow.com

→ Machine-speed execution → Dynamic, goal-oriented reasoning → Exploit-validated proof That’s how autonomous offensive security, in tandem with expert security pros, finds real vulnerabilities faster, cuts scanner noise, and lowers testing costs. Proud to see XBOW included in this @TheStreet roundup of top AI-powered penetration testing tools 👇 bit.ly/4r9V9Mk

⚠️ AI attackers don’t wait for pentest schedules. In the “Hackerbot-claw” case, an AI bot scanned GitHub, tried 5 exploit paths, and exfiltrated a token…autonomously. AI threats move continuously. Your security testing should too. Human expertise + continuous autonomous testing = better coverage against AI-speed threats. That’s the new baseline. More in @step_security: bit.ly/3PaE33o

Ready to chat all things autonomous offensive security with our team at #RSAC? 🏹 From continuous pentesting to AI-enabled attacks, let’s explore together what your organization can do to stay ahead. Connect with us at the event: bit.ly/4qWj9Db

The future of defense is offensive security. As @AnneNeuberger recently wrote in @wsj, to keep up with AI-driven attacks, organizations must now “build a network of continuously learning, secure defensive agents that can detect, reason and react faster than any human.” Read her further thoughts on fighting AI with AI ⬇️ on.wsj.com/4sguBdl