Connect with us

Business & Technology

Intruder launches AI pentesting for web apps on demand

Published

on


Intruder has launched an AI pentesting service for web applications, adding on-demand penetration testing to its security platform.

The service lets customers connect source code repositories through GitHub or GitLab so tests can be scoped and started automatically. Results and audit-ready reports are produced within hours, rather than the weeks or months often associated with manual engagements.

The launch builds on Intruder’s earlier use of AI for issue-level investigations, where autonomous agents validated scanner findings. With the new release, the company is moving into full-scale white-box testing, using access to a codebase to search for weaknesses across an application.

Intruder says the system was built and trained by CREST-certified pentesters and is intended to mirror how experienced human testers work. The agents reason through applications and adapt their approach as they test.

Cost pressure

Pricing starts at USD $3,500 per test. According to Intruder, automated web application tests cost 25% or less of a traditional manual engagement.

That pricing is aimed in part at smaller businesses that may struggle to pay for frequent manual pentests. Existing customers can view web application pentest findings alongside attack surface, cloud, and vulnerability data in the same platform.

The move comes as security teams face pressure to review software released more frequently by engineering groups using AI coding tools. Intruder cited its own survey of security leaders, which found that 49% named AI and automation as their top investment priority for 2026.

Intruder argues that annual pentests no longer match software release cycles in many businesses, where major deployments may happen weekly. It also points to a shrinking window between the disclosure of vulnerabilities and their exploitation by attackers.

The service is designed for security, IT, and development teams that want more regular application testing without the scheduling overhead of conventional pentest projects. Reports generated by the service can be used as evidence for compliance frameworks including SOC 2 and ISO 27001.

Andy Hornegold, Chief Security Technologist at Intruder, said the launch reflects the company’s long-standing aim to broaden access to security testing.

“Our mission at Intruder has always been to make robust cybersecurity accessible to everyone,” said Andy Hornegold, Chief Security Technologist at Intruder. “Providing web application testing marks an exciting step on that journey. By delivering the depth of a pentest on demand and at a fraction of the price, we’re helping businesses keep up with an accelerating threat environment.”

Broader shift

The launch comes as suppliers across the market try to use AI to automate more of the work traditionally carried out by security consultants. Intruder pointed to recent industry attention on AI systems that can identify software flaws, while warning that attackers are using similar tools to speed up offensive activity.

For customers, the main operational change is the ability to run tests more often and closer to release cycles. Rather than commissioning a one-off annual review, organisations could use automated pentesting as part of routine software delivery.

Chris Wallis, Chief Executive Officer and Founder of Intruder, framed the argument around time and budget constraints for smaller organisations.

“Historically, the cost of a pentest has been very high and has taken a long time,” said Chris Wallis, Chief Executive Officer and Founder of Intruder. “In today’s accelerated threat environment, that timeline and cost don’t hold up. We’re ensuring that resource-constrained small and medium-sized businesses aren’t excluded from good security purely based on budget.”

One customer cited by Intruder said the appeal lies in filling the gap between formal annual assessments. Yembo, which continues to use human pentesters, said more continuous testing is needed to reduce exposure between scheduled reviews.

“Securing a global AI platform requires continuous defense,” said Zach Rattner, Chief Technology Officer and Co-Founder of Yembo. “While Yembo continues to leverage human pentesters, annual assessments alone leave dangerous windows of exposure. Intruder’s AI pentesting bridges that gap by delivering human-grade depth at machine speed to keep our platform permanently hardened.”



Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business & Technology

NCC Group & Siemens team up on UK OT cyber security

Published

on


NCC Group and Siemens have agreed to collaborate on cyber security for UK critical infrastructure, with a focus on operational technology used across industry, energy and defence.

The companies have signed a Memorandum of Understanding on cyber resilience for critical national infrastructure, particularly where information technology systems intersect with operational technology that manages physical processes and assets.

The collaboration combines Siemens’ expertise in industrial automation, control systems and operational technology with NCC Group’s cyber security and resilience services. Support will be aimed at asset owners, operators and supply chains.

Operational technology has become a growing concern for operators of essential services as industrial systems become more connected to corporate networks and external data environments. That convergence has widened the potential attack surface for organisations running energy networks, manufacturing sites, transport systems and defence-related infrastructure.

In the UK, the issue carries broader economic and security implications because disruption to operational technology can affect physical operations, not just data or office systems. Critical infrastructure operators have faced increasing pressure to strengthen defences as cyber threats become more frequent and more sophisticated.

OT focus

The agreement is framed around that shift, with both companies arguing that industrial cyber security now requires a joined-up approach across digital and physical environments. Their plan centres on an end-to-end resilience model that combines industrial systems expertise with cyber security oversight.

Siemens has a long-standing presence in industrial software, automation and control environments used in factories, utilities and infrastructure. NCC Group, which operates internationally in cyber security, has presented the tie-up as a way to address risks earlier in modernisation and connectivity projects.

Paul Hingley, Cyber Security Expert, Siemens UK & Ireland, said: “Organisations responsible for keeping the country powered, connected and secure are under growing pressure to protect not just their IT systems, but the operational technology that controls physical assets on the ground. This collaboration brings together complementary strengths to help customers protect the physical systems that keep the country running.”

The agreement reflects a broader trend across industrial sectors, where cyber security spending is increasingly linked to operational continuity, safety and regulatory expectations. In these environments, the consequences of a cyber incident can extend beyond data loss to outages, equipment disruption and interruptions to essential services.

Shared ambition

The arrangement also points to a closer working relationship between the two businesses on industrial cyber security. They described the threat landscape as large in scale and urgent in nature.

Peter Vorley, Chief Commercial Officer, NCC Group, said: “Cyber resilience is now a fundamental enabler of industrial performance. Our collaboration with Siemens reflects a shared ambition to support organizations as they connect, automate and modernize their operational environments. By combining our strengths, we can help customers move forward faster and more safely, while shaping a more secure digital future for the sector.”

The UK market for industrial cyber security has drawn increasing attention from technology suppliers, consultants and specialist security firms as operators update legacy systems and connect more equipment to digital platforms. That shift has created demand for services that cover both conventional IT security and the specialist requirements of industrial control systems.

Unlike office-based IT environments, operational technology often includes equipment with long life cycles, strict uptime requirements and safety-critical functions. Those characteristics can make patching, monitoring and system changes more complex, especially in sectors where downtime is expensive or unacceptable.

Supply chain exposure is also a factor in industrial security planning, as operators rely on equipment vendors, maintenance providers and software partners that may connect to production or infrastructure environments. The collaboration will also cover support for supply chains alongside asset owners and operators.

Siemens is one of the largest industrial technology groups active in infrastructure and automation markets, while NCC Group has built its business around cyber resilience and software escrow services. NCC Group says it has more than 2,000 employees across Europe, North America and Asia Pacific.

The partnership places operational technology security at the centre of efforts to defend critical infrastructure, as cyber threats increasingly affect the systems that run essential services and industrial operations.



Source link

Continue Reading

Business & Technology

PayPal adds new Pay in 30 Days option for UK shoppers

Published

on



KAREN JOY BACUDO

Finance Editor

PayPal has launched Pay in 30 Days for eligible UK customers, adding a new buy now, pay later option to its British checkout offering.

The service lets shoppers make an online purchase with PayPal and pay the full amount up to 30 days later. It is available on eligible transactions worth between £1 and £900, with no interest, sign-up fees or additional charges.

The launch expands PayPal’s existing buy now, pay later range in the UK, which already includes Pay in 3. That product lets customers split a purchase into three payments, with one taken at checkout and two more over the following two months.

Pay in 30 Days is available to eligible users across PayPal’s nearly 30 million-strong UK customer base. Customers can access the option through the existing PayPal checkout flow without opening a separate account or downloading another app.

Purchases and repayments are handled through PayPal’s own system. The 30-day window is intended to give customers more flexibility to pay at a point that better aligns with payday or other household bills.

Consumer demand

The launch comes as deferred payment products continue to gain ground with British shoppers. PayPal cited market data showing that 25% of UK adults used a buy now, pay later service at least once in the previous year.

It also linked the launch to changing expectations around how these products are offered, saying consumers want more flexible and transparent payment choices as regulatory scrutiny of the sector increases.

“British customers are smart. They want the flexibility to pay on their terms – but they’re also more discerning than ever about who they trust with their money. We’ve seen that in how our customers use PayPal, and our BNPL product offering, including both Pay in 3 and now Pay in 30 Days, is our response: genuine flexibility, zero fees, and the reassurance of a brand that’s been part of UK shopping for over two decades,” said Tamer El-Emary, General Manager UK at PayPal.

“As BNPL becomes regulated by the FCA, and continues to grow in the UK, the bar for trust and transparency will only rise – and we think that’s a good thing. For businesses, it means customers will increasingly gravitate toward payment options from names they recognise. PayPal’s Pay in 30 Days gives merchants a way to meet that demand, backed by a checkout experience their customers already know and trust.”

Merchant angle

For retailers, PayPal is positioning the new option as an addition to its current checkout rather than a separate technical project. Merchants that already use PayPal checkout do not need a new integration to offer Pay in 30 Days.

The company also cited research among 1,000 UK business owners and senior representatives who offer buy now, pay later services. In that survey, 64% said customer trust in their provider mattered most, while 50% said offering a broad range of payment options at checkout directly supported conversion.

This forms part of a wider battle among payments groups to retain a visible place at online checkout, where instalment products and short-term deferred payment options have become more common. Providers are trying to appeal to both consumers seeking flexibility and merchants seeking to reduce friction before a sale is completed.

PayPal’s approach in the UK centres on expanding the range of choices available under one brand. Alongside Pay in 3 and the new 30-day deferred payment option, customers enrolled in PayPal+ can earn PayPal+ Points on eligible Pay in 30 Days purchases.

The UK is an important market for the group, and buy now, pay later remains a closely watched area across consumer finance and digital commerce. Businesses in the segment are under pressure to demonstrate that their products are clear to use and easy for customers to manage as official oversight intensifies.

Pay in 30 Days is designed to sit within the same account and payment environment customers already use for online shopping. Eligible shoppers can select the option at checkout, complete the purchase and then settle the full amount within 30 days.

The product arrives as payment groups compete over trust, ease of use and checkout placement in a market where short-term credit has become a routine part of online spending. Pay in 30 Days is being made available to eligible customers across PayPal’s nearly 30 million-strong UK user base.



Source link

Continue Reading

Business & Technology

Oxfordshire sandwich shop slammed with poor food hygiene rating

Published

on



Matsho Africaribbean in unit 6, 7 and 8 in Victoria Cross Gallery Market Place in Wantage was visited by Vale of White Horse District Council‘s Environmental Health team on Monday, June 8.

Inspectors were not impressed with what they found and stated that ‘major improvement’ was necessary at the shop.

As a result, the supermarket was given a one-out-of-five hygiene rating after the inspection.

The report outlined one key issue at the eatery which was highlighted as a cause of concern.

Management of food safety at the venue required ‘major improvement’ according to inspectors.

READ MORE: Princess Diana’s Oxford-educated barrister faces retrial over £2m tax dodge

This refers to whether there is a system or checks in place to ensure that food sold or served is safe to eat.

It also concerns whether there is evidence that staff know about food safety and if the food safety officer has confidence that standards will be maintained in future.

The cleanliness and condition of both the facilities and the building were then rated as ‘good’.

This includes having an appropriate layout, ventilation, hand washing facilities and pest control to enable good food hygiene.

This refers to the preparation, cooking, re-heating, cooling and storage of food.

Meanwhile, the hygienic food handling was also deemed as ‘improvement necessary’.

The Oxford Mail have contacted Matsho Africaribbean for a comment.





Source link

Continue Reading

Trending