According to The Next Web, CyCognito expanded its exposure management platform with continuous AI pentesting capabilities - branded Kineto - that simulate multi-step attack chains across enterprise infrastructure. The Next Web reports the feature uses AI agents to evaluate sequences of actions, not just individual CVE-style vulnerabilities, and assesses whether chained steps could realistically expose sensitive systems or data. According to The Next Web, CyCognito says the platform recognizes more than 60 categories of AI-related technologies, citing examples such as MCP servers, Ollama, MLflow, PyTorch, Triton, and n8n. CyCognito's Kineto page states the agents run "100% of the time, across 100% of your external attack surface." The product is currently in a pre-launch waitlist phase. Industry observers note continuous, context-aware validation is increasingly relevant as AI stacks introduce non-CVE misconfigurations and cross-service attack paths.
What happened
According to The Next Web, CyCognito expanded its exposure management platform to include continuous AI pentesting - branded Kineto - that simulates multi-step attack chains across enterprise infrastructure. The Next Web reports the capability uses AI agents to model attacker movement and evaluate whether sequences of actions could expose sensitive systems or data, rather than stopping at individual CVE-style findings. According to The Next Web, CyCognito says the platform identifies more than 60 categories of AI-related technologies.
Product status
CyCognito's Kineto is currently in a pre-launch phase with a public waitlist; the product is not yet generally available. CyCognito's Kineto landing page states: "We've spent years uncovering weaknesses in complex enterprise environments. That knowledge now powers a swarm of pentesting agents, each specialized for a different asset type: web apps, AI endpoints, OT/IoT systems, and more." The company invites sign-ups for a Design Partner program and early access.
Technical details
According to The Next Web, the coverage list includes technologies and components commonly deployed in AI infrastructure, including:
- • MCP servers - • Ollama - • MLflow - • PyTorch - • Triton - • n8n
The Next Web describes the feature as combining contextual reasoning about configuration, privileges, and inter-service links to build attack chains, rather than matching individual signatures to known CVEs.
Industry context
Public reporting frames this approach as part of a broader industry move away from point-in-time, signature-based scanning toward continuous adversary-style validation of environments that include model hosting, RAG systems, orchestration platforms, and other ML infrastructure. Industry observers note that misconfigurations and overprivileged services in AI stacks often lack CVEs yet can create realistic exploitation paths when combined.
What to watch
Independent validation of whether simulated attack chains reproduce real-world compromises without excessive false positives; case studies from the Design Partner program; and formal general availability of Kineto beyond the current waitlist.
Scoring Rationale #
CyCognito's Kineto addresses a genuine and growing security gap - continuous attack-chain simulation across AI and cloud infrastructure - and the concept is practically relevant to security practitioners. However, the product is in a pre-launch waitlist phase, key specifics (the 60-category claim) rely on a single secondary source, and no independent validation is available. Score reflects meaningful sector relevance discounted for pre-launch status.
Practice with real Telecom & ISP data
90 SQL & Python problems · 15 industry datasets
[Active Residential CustomersEasy](/problems/sql/active-residential-customers)
[Unlimited Fiber Plans 500Mbps+Medium](/problems/sql/unlimited-fiber-plans-above-500mbps)
[Customer Churn Risk AssessmentHard](/problems/sql/customer-churn-risk-assessment)
250 free problems · No credit card
See all Telecom & ISP problems