Connect with us

Business & Technology

Intruder launches AI pentesting for web apps on demand

Published

on


Intruder has launched an AI pentesting service for web applications, adding on-demand penetration testing to its security platform.

The service lets customers connect source code repositories through GitHub or GitLab so tests can be scoped and started automatically. Results and audit-ready reports are produced within hours, rather than the weeks or months often associated with manual engagements.

The launch builds on Intruder’s earlier use of AI for issue-level investigations, where autonomous agents validated scanner findings. With the new release, the company is moving into full-scale white-box testing, using access to a codebase to search for weaknesses across an application.

Intruder says the system was built and trained by CREST-certified pentesters and is intended to mirror how experienced human testers work. The agents reason through applications and adapt their approach as they test.

Cost pressure

Pricing starts at USD $3,500 per test. According to Intruder, automated web application tests cost 25% or less of a traditional manual engagement.

That pricing is aimed in part at smaller businesses that may struggle to pay for frequent manual pentests. Existing customers can view web application pentest findings alongside attack surface, cloud, and vulnerability data in the same platform.

The move comes as security teams face pressure to review software released more frequently by engineering groups using AI coding tools. Intruder cited its own survey of security leaders, which found that 49% named AI and automation as their top investment priority for 2026.

Intruder argues that annual pentests no longer match software release cycles in many businesses, where major deployments may happen weekly. It also points to a shrinking window between the disclosure of vulnerabilities and their exploitation by attackers.

The service is designed for security, IT, and development teams that want more regular application testing without the scheduling overhead of conventional pentest projects. Reports generated by the service can be used as evidence for compliance frameworks including SOC 2 and ISO 27001.

Andy Hornegold, Chief Security Technologist at Intruder, said the launch reflects the company’s long-standing aim to broaden access to security testing.

“Our mission at Intruder has always been to make robust cybersecurity accessible to everyone,” said Andy Hornegold, Chief Security Technologist at Intruder. “Providing web application testing marks an exciting step on that journey. By delivering the depth of a pentest on demand and at a fraction of the price, we’re helping businesses keep up with an accelerating threat environment.”

Broader shift

The launch comes as suppliers across the market try to use AI to automate more of the work traditionally carried out by security consultants. Intruder pointed to recent industry attention on AI systems that can identify software flaws, while warning that attackers are using similar tools to speed up offensive activity.

For customers, the main operational change is the ability to run tests more often and closer to release cycles. Rather than commissioning a one-off annual review, organisations could use automated pentesting as part of routine software delivery.

Chris Wallis, Chief Executive Officer and Founder of Intruder, framed the argument around time and budget constraints for smaller organisations.

“Historically, the cost of a pentest has been very high and has taken a long time,” said Chris Wallis, Chief Executive Officer and Founder of Intruder. “In today’s accelerated threat environment, that timeline and cost don’t hold up. We’re ensuring that resource-constrained small and medium-sized businesses aren’t excluded from good security purely based on budget.”

One customer cited by Intruder said the appeal lies in filling the gap between formal annual assessments. Yembo, which continues to use human pentesters, said more continuous testing is needed to reduce exposure between scheduled reviews.

“Securing a global AI platform requires continuous defense,” said Zach Rattner, Chief Technology Officer and Co-Founder of Yembo. “While Yembo continues to leverage human pentesters, annual assessments alone leave dangerous windows of exposure. Intruder’s AI pentesting bridges that gap by delivering human-grade depth at machine speed to keep our platform permanently hardened.”



Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business & Technology

Oxfordshire sandwich shop slammed with poor food hygiene rating

Published

on



Matsho Africaribbean in unit 6, 7 and 8 in Victoria Cross Gallery Market Place in Wantage was visited by Vale of White Horse District Council‘s Environmental Health team on Monday, June 8.

Inspectors were not impressed with what they found and stated that ‘major improvement’ was necessary at the shop.

As a result, the supermarket was given a one-out-of-five hygiene rating after the inspection.

The report outlined one key issue at the eatery which was highlighted as a cause of concern.

Management of food safety at the venue required ‘major improvement’ according to inspectors.

READ MORE: Princess Diana’s Oxford-educated barrister faces retrial over £2m tax dodge

This refers to whether there is a system or checks in place to ensure that food sold or served is safe to eat.

It also concerns whether there is evidence that staff know about food safety and if the food safety officer has confidence that standards will be maintained in future.

The cleanliness and condition of both the facilities and the building were then rated as ‘good’.

This includes having an appropriate layout, ventilation, hand washing facilities and pest control to enable good food hygiene.

This refers to the preparation, cooking, re-heating, cooling and storage of food.

Meanwhile, the hygienic food handling was also deemed as ‘improvement necessary’.

The Oxford Mail have contacted Matsho Africaribbean for a comment.





Source link

Continue Reading

Business & Technology

The hidden cost of synthetic identity fraud

Published

on


UK fraud losses reached £1.17 billion in 2024, with more than 3.3 million confirmed fraud cases. Identity fraud continues to accelerate, driven by synthetic identities, AI-assisted scams, and increasingly sophisticated payment fraud. As reimbursement rules tighten, financial institutions are facing a new reality: fraud is no longer just a security problem; it is becoming a direct financial liability.

Generative AI is making synthetic identities easier and cheaper to create, allowing fraudsters to combine authentic personal information with fabricated addresses and identities at unprecedented scale. Authorised push payment (APP) fraud alone accounted for £450.7 million of UK losses in 2024, while government-linked fraud reporting recorded a record 421,000 identity fraud cases during the same period. The fastest-growing category was false identity fraud, which increased by 60% year over year and now accounts for nearly one-third of all identity fraud cases.

While the UK’s reimbursement rules are specific to its regulatory environment, the underlying drivers – AI-enabled fraud, digital onboarding, instant payments, and synthetic identities – are affecting financial institutions worldwide, including Australia. What’s changed in the UK is that regulators have made the cost of inaction explicit. A mandatory reimbursement scheme puts a defined liability, capped at £85,000 per claim, on the banks that move fraudulent payments, split between the sending and receiving institution. That is a line item now, not a hypothetical, and it is a preview of where fraud prevention and AML accountability are heading in other markets.

Where the Finance Function’s Exposure Actually Sits

Most fraud prevention and KYC budgets are built around two layers: document verification at onboarding and biometric checks to catch deepfakes and presentation attacks. Both matter, and both are becoming more sophisticated as AI-generated fraud grows harder to detect. But there is a quieter layer underneath both that finance teams often underweight: the accuracy of the address data attached to every application, invoice, and payment instruction.

Synthetic identity fraud works precisely because it blends one real credential, commonly a genuine national identifier, with fabricated supporting details. Unlike names or identity documents, addresses must correspond to real-world locations. Verifying that an address is valid, deliverable, and consistent with identity records provides an additional layer of trust that synthetic identities often fail to satisfy. Most onboarding and fraud detection systems check whether an address looks plausible rather than whether it actually exists, which is exactly the gap synthetic identities are built to exploit.

That gap has a direct cost attached to it for finance leaders, not just a compliance one. Every synthetic identity that clears onboarding becomes a credit risk, a reimbursement liability, and, in many cases, a remediation cost once the account is flagged and unwound. None of that appears as a fraud loss on day one. It shows up months later – compounded.

Invoice and mandate fraud carry a similar blind spot. Business email compromise (BEC) scams that redirect payment instructions frequently rely on a plausible-looking but incorrect billing or remittance address to move funds to a criminally controlled account before anyone notices the mismatch. High-profile BEC incidents have resulted in losses exceeding £20 million after organisations acted on fraudulent payment instructions. Address verification at the point where payment instructions change, not just during onboarding, can help identify these inconsistencies before funds are transferred.

Why This Belongs on the CFO’s Desk, Not Just Risk and Compliance

Fraud prevention has traditionally been viewed as the responsibility of risk, compliance, or cybersecurity teams. However, reimbursement mandates and increasing regulatory accountability mean the financial consequences ultimately land on the CFO’s desk. When a reimbursement claim lands, it becomes a direct cost. When a synthetic identity account defaults after building a credit history over several months, it becomes a bad debt write-off that finance must explain. When an invoice fraud payment leaves the business, it is cash that may never be recovered.

For finance teams building the business case for stronger fraud controls, the conversation that resonates with boards is rarely about simply “reducing fraud.” It is about avoiding measurable financial liabilities: reimbursement exposure, remediation costs that increase the longer fraudulent accounts remain active, and the reputational damage that follows a public payment fraud incident.

What This Looks Like in Practise

Closing this gap does not require replacing an existing fraud prevention or AML stack. Instead, finance teams should validate address data at key points throughout the customer lifecycle:

  • When a customer or account is created
  • Whenever payment or remittance details change
  • Periodically for dormant or high-risk accounts

In each case, the same questions should be asked:

  • Does the address exist?
  • Is it correctly formatted using authoritative postal reference data?
  • Is it consistent with the other identity or payment information on file?

Address validation is a fast, low-friction control compared with document review or biometric verification, making it one of the most cost-effective additions to an organisation’s fraud prevention strategy. It is particularly valuable for detecting synthetic identities, which often establish a seemingly legitimate credit history over months before being used for fraudulent withdrawals or defaults. Periodic address verification helps identify these risks before they become financial losses.

Address verification solutions such as Melissa’s help organisations validate addresses in real time during onboarding and whenever payment details change. By ensuring address data is accurate, standardised, and deliverable, finance, fraud, and compliance teams gain greater confidence in the customer information used to support payment and identity decisions.

As fraud becomes more sophisticated and more expensive, trusted address data is no longer just an operational requirement. It is an increasingly important financial control.

Learn more about Melissa UK Address Verification.



Source link

Continue Reading

Business & Technology

UK clothing retailer at risk after entering administration

Published

on



Activewear Group Ltd, established in March 2014, is a clothing and fashion retailer specialising in affordable activewear, workwear, and uniforms.

The company, which also offers printing and embroidery services, trades directly with leading brands and maintains strong relationships with the UK’s top wholesalers.

Activewear’s LinkedIn profile adds: “Our aim is to provide the highest quality of service to ensure a great end user customer experience through a cost effective approach.”

The company operates online via its website and from a 1,750 square foot warehouse in Redditch, with a 1,500 sq ft area which is used as a showroom, packing, and office/meeting area.

Activewear Group enters administration after 8 years

Now, Activewear Group is at risk of closing after having fallen into administration.

Stuart Kelly and Claire Harsley from Mackay Goodwin Limited were appointed joint administrators on July 8, according to The Gazette.

Activewear Group had registered a charge with Companies House in June, just weeks before entering administration.

The charge represents a loan or debt secured against the company’s assets, giving lenders priority in the event of insolvency.

There is a clearance sale currently running on the Activewear Group website, while other sections are unavailable.

What happens when a company goes into administration?

When a company enters administration, it means that it is unable to pay expenses, debts, or other liabilities, according to SquareUp.com.

Companies House adds: “When a company goes into administration, they have entered a legal process (under the Insolvency Act 1986) with the aim of achieving one of the statutory objectives of an administration. This may be to rescue a viable business that is insolvent due to cashflow problems.

“An appointment of an administrator (a licensed insolvency practitioner) will be made by directors, a creditor or the court to fulfil the administration process.”



A statutory moratorium is put in place once a company enters administration, giving it “breathing space” to allow for financial restructuring plans to be drawn up free from creditor enforcement actions.

A company can continue to trade while in administration, but daily management and control are handed over to the administrators.

Companies House continues: “Within 8 weeks it is the administrators’ role to formulate administration proposals.

“Creditors are then asked to vote by a decision procedure to approve the administrators’ proposals.

“If the administration involves a sale of all or part of the company’s business, the proceeds (after the costs of the procedure) will be distributed to creditors in a statutory order of priority.”

Administration will end automatically after 12 months unless the administrator asks the court or creditors for an extension.



Through administration, a company can be:

  • Rescued and passed back to the directors
  • Enter liquidation
  • Be dissolved

Other UK companies that have closed or entered administration/liquidation in 2026

It has been a tough year for the UK high street, with several other retailers entering administration or liquidation and others announcing widespread store closures.

Major high street brands LK Bennett, Claire’s, and Quiz have been forced to close all their remaining stores after falling into administration.

UK fashion retailer Leading Labels is also set to close its remaining 15 stores after falling into liquidation.

TG Jones will be closing 150 stores across the UK as part of a “restructuring” plan approved by the High Court on Wednesday (July 1).

Other retailers have been forced to close stores this year, including:



Several UK travel companies have also ceased trading or entered administration in 2026:

Luxury UK holiday company Salamander Voyages shut down back in April after entering administration.

Meanwhile, four UK airlines have fallen into administration or liquidation:



UK delivery company Yodel is set to be phased out over the coming months after being acquired by InPost.

It’s also been reported that Morrisons is looking to sell some of its in-store pharmacies as it continues to cut costs.

It hasn’t all been bad news for the UK high street, with several major brands announcing new store openings for 2026, including Aldi, M&S, and Superdrug.

Plus-size clothing brand Evans also returned to the UK high street recently after closing all its stores and concessions in December 2020.

Bodycare is also set to return to the UK high street in 2026 after closing all its stores last year, having fallen into administration.

Have you ever purchased clothing from Activewear Group Ltd before? Let us know in the poll above or in the comments below.





Source link

Continue Reading

Trending