The Security Strategist 9 July 2026 3 MIN

Autonomous Pen Testing & the Next Era of Security Testing

Sandeep Kamble, Founder & CTO at SecureLayer7 talks to host Richard Stiennon about how traditional penetration testing & autonomous security testing are changing offensive security.

As demand for artificial intelligence (AI) increases and investment rises, AI is being used to spot threats more quickly.

In the recent episode of The Security Strategist podcast, host Richard Stiennon, Chief Research Analyst at IT-Harvest, an author, and a trusted advisor to vendors, VCs and private Equity Firms, conversed with Sandeep Kamble, Founder and CTO at SecureLayer7

Kamble explained how traditional testing and autonomous security testing are changing offensive security. He highlighted how these tools are designed to empower security teams. 

Kamble told Stiennon that this shift was a logical next step. Years of building manual testing skills, cloud security practices, and vulnerability research at SecureLayer7 formed the basis for AI to enhance that expertise. 

The goal is to create a tool that security professionals can use to be more effective in pentesting using AI.

Why Traditional Security Scanners Are Outdated 

For years, security testing has relied on rule-based scanners, signatures, and checklists. While these tools could spot known weaknesses, they often faced challenges with complex vulnerabilities, business logic flaws, and context-specific risks. 

Kamble said that this traditional method often led to lengthy vulnerability reports filled with false positives. This made it hard for security teams to determine what truly needed action. 

The real challenge was understanding which ones posed real risks in a specific company's environment in addition to identifying vulnerabilities. 

SecureLayer7's autonomous testing platform was designed to fill that gap. It combines AI agents with deep security expertise that allows the platform to analyse application architecture, understand context, and identify vulnerabilities through reasoning.

Does Human Expertise Need to Expand With Autonomous Pen Testing?

Autonomous pen testing means providing security professionals with additional capabilities, not replacing them. Kamble emphasised that human expertise is still vital, but how that expertise is applied is changing. 

Instead of an external team conducting tests in isolation, the platform empowers an enterprise’s pentesters and security experts. This gives them a powerful tool to scale testing on their own terms and timelines. 

With repetitive tasks such as reconnaissance and report writing handled by the AI agent, internal teams can focus on in-depth analysis, prioritisation, and strategic security decisions. 

Kamble noted significant productivity improvements among security professionals using this AI-supported process. AI removes obstacles, allowing security teams to concentrate on the important tasks. 

The SecureLayer7 CTO envisions a future where skilled professionals work with a more robust toolkit. A toolkit that’s equipped with a more powerful toolkit, capable of continuous testing at a scale that manual methods cannot achieve, at a faster, more accurate pace. 

What CISOs Should Prioritise

Alluding to C-suites and CISOs, Kamble asks them to look beyond current vulnerabilities. For instance, they should prioritise the ongoing changes within their environments, such as the changes brought on by AI. 

Additionally, modern enterprises release thousands of updates, services, and applications quickly. Each change presents new opportunities for attackers, who are also using advanced technologies to speed up their efforts. 

For CIOs and CISOs, this means that having real-time visibility into infrastructure changes is becoming as important as tracking known vulnerabilities. It also means providing internal security teams with tools that allow them to keep up with that pace of change, rather than relying only on periodic, external assessments. 

As AI-driven threats progress, enabling internal teams to conduct continuous testing at scale may become one of the most crucial defences an enterprise can develop.

Key Takeaways:

  1. AI is reshaping testing with smarter automation.
  2. AI agents help uncover complex vulnerabilities faster.
  3. Human expertise remains vital in cybersecurity.
  4. Continuous testing helps manage growing attack surfaces.
  5. AI security needs control and human oversight.

Chapters

  • 00:00 The Rise of Autonomous Pen Testing
  • 03:00 AI-Driven Security Testing: A New Era
  • 05:50 Complex Vulnerabilities and Human Expertise
  • 09:11 Scaling Autonomous Pen Testing
  • 12:08 The Future of Red Teaming and Social Engineering
  • 16:05 Key Takeaways for CIOs and CISOs

For further information, please visit securelayer7.net and em360tech.com.

Shubhangi Dua
Follow
Message