.png)
2026 State of AI in Pentesting
This report captures the perspectives of 400 CISOs, CTOs, and senior engineering leaders across Europe and the US. It explores how AI is changing penetration testing, why traditional approaches are struggling to keep pace with modern software delivery, and what security leaders want from the next generation of penetration testing.

Key Findings
Only 21% validate security on every release, despite 76% deploying significant changes weekly or faster
48% say pentest findings are already outdated when they arrive
79% are concerned about missing vulnerabilities introduced between scheduled tests
69% would validate security on every release or at least quarterly if cost and resources weren't a constraint
Summary
Software is changing faster than security testing can keep up. This report explores how AI is reshaping pentesting, why traditional models are becoming harder to sustain, and what organizations expect from modern pentesting.
Contributors include leaders from Lovable, IDC, OWASP, Frost & Sullivan, the UK Cabinet Office, Latio Tech, PSG, and Glasswall.
What you’ll learn
How AI is changing pentesting, why pentesting is struggling to keep pace with software delivery, and what leading teams want from the next generation of penetration testing.
