Traditional penetration testing relies on manual or point-in-time assessments, often delivered weeks after software has already shipped. In a recent survey of 500 security and engineering leaders conducted by Aikido, 76 percent report deploying significant production changes weekly or faster, yet only 21 percent validate security on every release.
Meanwhile, 85 percent report that security findings are outdated by the time final reports are delivered. Today’s launch of Aikido Infinite aims to change this. It’s a continuous AI penetration testing solution that autonomously validates and remediates vulnerabilities.
“For years, organizations have been working around the limitations of traditional testing and DAST because there was nothing better available,” said Willem Delbare, co-founder and CEO of Aikido. “Software delivery is now continuous, but security testing isn’t. Infinite completely changes that. This is the beginning of self-securing software.”
Each software change triggers agentic pentesting agents that discover risk, validate exploitability, apply remediation where safe, and retest to confirm risk reduction. Instead of relying on periodic engagements, teams gain a continuous feedback loop that operates alongside deployment, not after it. This level of exhaustive testing would be difficult to replicate even with the largest in-house security teams, whose resources do not scale in proportion to the expanding attack surface and pace of change.
Aikido’s code-to-runtime platform gives Infinite deep context from the organization’s source code, application architecture, and internal logic flows. Then, agents autonomously pursue every possible route of attack across the application’s total surface area, identifying undocumented endpoints, hidden logic paths, complex multi-step edge cases, and architectural anomalies that are often unknown by testers today or too time-consuming for manual testers to address. It learns from every finding on each deployment, providing a continuous feedback loop that developers can then use to improve code security even before commit.
You can find out more on the Aikido site.
