How to Safely Implement Autonomous AI Agents for Pentesting Live Apps Theori's Xint platform safely scanned over 2,500 live domains without disruption using autonomous AI agents for penetration testing, implementing a two-layer safety architecture that includes operational authentication and intelligent safe mode to prevent service outages and scope violations. How to Safely Implement Autonomous AI Agents for Pentesting Live Apps โš ๏ธ Risks Faced by Business Units When Introducing AI Autonomous Agents -risks-faced-by-business-units-when-introducing-ai-autonomous-agents-0 ๐Ÿ” The 4 Criteria for Safe AI Penetration Testing -the-4-criteria-for-safe-ai-penetration-testing-1 ๐Ÿ› ๏ธ Xint Scanned 2,500+ Domains Without Disruption in Safe Mode -xint-scanned-2500-domains-without-disruption-in-safe-mode-2 ๐Ÿ”น Layer 1: Actual operational authentication and scope as is Run as User -layer-1-actual-operational-authentication-and-scope-as-is-run-as-user-3 ๐Ÿ”น Layer 2: Intelligent Safe Mode -layer-2-intelligent-safe-mode-4 ๐Ÿ There is no need to compromise on stability for the sake of speed -there-is-no-need-to-compromise-on-stability-for-the-sake-of-speed-5 The first questions you ask when considering an AI-based vulnerability detection tool are usually around performance: "How many vulnerabilities can be found?" Is it more accurate than existing scanners? Is the cost reasonable? Just as important is the safety question: "Is it really okay to connect this to the live service? What if this causes a service outage?" The goal is to strengthen security, so it would be problematic if the security tool caused the crashes. Letโ€™s examine why 'operational safety' should be the top priority when selecting AI-based penetration testing tools, and what criteria should be used to evaluate it. โš ๏ธ Risks Faced by Business Units When Introducing AI Autonomous Agents AI-based penetration testing solutions attempt attacks by making decisions on their own without human intervention. But this speed for Autonomous Agents can lead to serious risks in the absence of proper controls: Operational failure: There is a concern that the agent may cause an excessive traffic load or lead to unexpected server downtime while performing attack simulations. Out of Scope Becomes In Scope: There is a risk that the AI, while making its own decisions, may go beyond the set test scope and interfere with connected external systems or unauthorized areas. False Positive Noise: Due to the nature of LLMs, incorrect results may be reported as vulnerabilities, which can place unnecessary response risks on security personnel. Therefore, when choosing an AI penetration testing tool or solution, you must ensure that it has a 'safety architecture' capable of technically controlling these three risks. ๐Ÿ” The 4 Criteria for Safe AI Penetration Testing | | | Does it merely prove the presence of vulnerabilities in a harmless way, instead of using malicious payloads that destroy the actual system? e.g., automatically deletes files immediately after uploading a test | | Is there a cross-validation algorithm to filter out the AI's initial judgment? e.g., if SQL injection is suspected, modify the payload, re-request, and verify consistency | | Does it strictly limit test targets, provide a feature to immediately stop scanning in emergencies, and offer tamper-proof audit logs? | | Are there detailed options to maintain availability, such as blocking data modification/deletion, controlling request rates, and specifying maintenance time zones? | ๐Ÿ› ๏ธ Xint Scanned 2,500+ Domains Without Disruption in Safe Mode Xint is an AI-based vulnerability detection platform built by Theori based on years of industry experience. One part of the platform is Xint Web https://xint.io/products/xint-web : the AI-based black-box penetration testing solution that tests web applications from an attacker's perspective. Xint Web has over 55,000 accumulated hours across 2.5k+ domains in actual operating environments of major domestic and international corporations and financial institutions. The design principles of Xint are clear: Test in an operating environment, but do not affect operations. It sounds easy, but actually technically guaranteeing this is another matter. Xint implements this in two layers. ๐Ÿ”น Layer 1: Actual operational authentication and scope as is Run as User Xint avoids indiscriminate scanning. It uses context to understand the actual target environment and user specifications, and operates with precision. Credential Pre-validation: Authentication sessions are verified before the inspection begins. This fundamentally prevents unnecessary scans from being wasted or accounts from being locked due to incorrect credentials. Login Recorder: Xint records the demanding and complex login flow of the modern web exactly as it is and applies it to the scan agent. Session Cookie Authentication & Local Storage Token Support: Securely acquires authorization by fully supporting not only existing session management methods but also modern web authentication architectures such as JWT and OAuth. Vulnerability Type Settings: You can finely adjust the scope of vulnerabilities to be checked to suit the service environment. Allowlist / Denylist Management: It reliably excludes sensitive areas that are dangerous to tamper with, such as administrator pages or payment pages, from the scan target. ๐Ÿ”น Layer 2: Intelligent Safe Mode Operational safeguards are in place to block risks of concern to the infrastructure and service operations teams. Ensuring data integrity It completely blocks the execution of queries that modify or delete data DML or queries that manipulate table structures DDL . Access to other users' resources is strictly restricted to 'Read-Only'. Intelligent traffic control To prevent server overload due to excessive traffic, the request rate is limited to approximately 2 requests per second. We are also currently developing a fine-grained Rate Limit adjustment feature that allows for customized speed control. Real-time server load monitoring If a surge in 400 or 500-range error responses occurs on the target server during a scan, the AI detects the server overload and intelligently slows down or adjusts the scan speed. Flexible control and pause If any abnormal signs are detected during monitoring, you can immediately stop the scan at any time with a single button. Proxy support You can safely inspect even closed internal network assets that are inaccessible from the outside through a proxy. ๐Ÿ There is no need to compromise on stability for the sake of speed The use of AI security solutions is now an irreversible trend. However, sacrificing operational stability for speed and coverage is not the right trade-off. Solutions introduced to enhance security should not become a new risk. Our teamโ€™s expertise in practical offensive security in the real world has led to a platform equipped with proven AI technology and a robust safety architecture.