OT does not need to be on the open internet for this to matter. Models can infer during exploitation by performing the same reconnaissance steps used in other offensive contexts, then filling in the gaps from observed behavior. We have seen this by testing our own agent against strange environments with varied defenses it likely had not encountered before.
The training set matters less than many people assume. The model’s raw reasoning ability, tool use, and ability to adapt from feedback are the bigger issue. If a model were only repeating its training data, it would not be generalizing, it would just be overfit to its dataset.
Hey! absolutely it exists. We sell to large companies and penetration testing firms and assessments from our agent cost 1/50th the cost of a normal pentest. happy to chat! https://vulnetic.ai
There are never ending ways to make agents better at hacking. Defense is clearly behind. At my startup we are constantly coming up with new defensive measures to put our hacking agent Sable against, and I've determined that you basically need to be air gapped in the future for a chance of survival. A SOC of AI agents can't keep up with 1 AI hacker on a network that is even remotely stealthy. it is a disaster. wrote an article about it:
https://blog.vulnetic.ai/evading-an-ai-soc-with-sable-from-v...
We use Cardboard at Vulnetic and it is an incredible product. The founders are easily accessible, and it has definitely made it easier to film feature update videos. I can't recommend them enough.
At Vulnetic ai we deal with this by having a separate validator agent attack the vulnerability reported using a novel perspective separate of the hacking agent.