Back to articles
Product
Updated Jul 8, 2026

Self-serve AI pentesting is now live

Barrion's AI pentest attacks your web app or API the way a real attacker would. It maps your attack surface, chains live requests to find what is genuinely exploitable, and reproduces every finding in an isolated sandbox before it reaches your report. Until now, kicking one off meant booking a call with us to scope it first.

Now any Barrion account can set up and start an AI pentest directly, with no call required, and the same release deepened the engine underneath it. You define the scope, start the run, follow it live, and pay a single fixed price only when you want the full report.

What is new

This release changed two things.

The first is access. Setting up a pentest no longer needs a call. A wizard in your dashboard walks you through the target, the credentials, and anything you want left alone, and nothing is sent until you approve it.

The second is depth. It extends the engine's multi-wave attack chaining and broadens its authenticated testing, so a run digs further into your app than it did before. Starting a run is free, and findings appear as the agent works. You pay once, at a fixed price, when you want to unlock the complete report with proof and remediation for every finding. Whether you are a solo developer or an enterprise security team, that turns what used to be a scheduled engagement into something you can start yourself.

How a run works

Each engagement moves through five phases inside an isolated Kali sandbox you can watch in real time:

  1. Scope and authorize: you set the targets, surfaces, and credentials, and mark anything off-limits. The agent stays aggressive inside the scope and quiet everywhere else.
  2. Recon and discovery: it maps hosts, endpoints, parameters, auth flows, and your stack before attacking anything.
  3. Multi-wave attack: specialist agents work through injection, access control, authentication, API, and business-logic testing, carrying findings from one wave into the next.
  4. Reproduce before report: every replayable finding is re-run in the sandbox. If it does not reproduce, it never reaches your report.
  5. Report and retest: you get a ranked report with proof, remediation, and WSTG coverage as a downloadable bundle with a shareable PDF. Once a fix is in place, we retest the finding and confirm it is resolved.

Findings stream into your dashboard within hours as the agent works. Once the run completes, our security team reviews the results before the final report is released, usually within a couple of working days.

Real attacks, not a scan

A scanner matches patterns and gives you a list of things that might be wrong. This works differently. Each run spins up a per-engagement Kali box with the tools a manual tester reaches for, including sqlmap, nuclei, ZAP, katana, ffuf, dalfox, and jwt_tool, and the agent reasons about your specific app as it goes. It confirms a bug from the response itself, whether that is a blind SQL injection showing up as a timing difference or an endpoint returning 200 where it should return 403.

By the time something reaches your report it has already been reproduced, with the request, the response, the affected surface, and the matching OWASP WSTG and CWE references attached. There is far less to wade through, because the maybes were filtered out before you ever saw them.

What it looks at

Coverage maps to the OWASP Top 10, the OWASP API Security Top 10, and all 97 WSTG v4.2 test cases, each with an evidence-backed status:

  • Injection and web exploitation: SQL and NoSQL injection, XSS, command injection, SSRF, SSTI, XXE, CSRF, open redirects.
  • Access control and authentication: broken access control, IDOR, privilege escalation, session and JWT flaws, multi-tenant isolation.
  • API and business logic: BOLA and BFLA, mass assignment, excessive data exposure, rate-limiting gaps, business-logic abuse, file upload and path traversal, chained exploits.

The report ships with a full coverage matrix, so you can show an auditor or a customer exactly what ran and how each case came out.

Running it safely

Testing your own production app should not feel like a gamble, so every probe is rate-limited and non-destructive. The agent proves a finding by reading the response, not by writing or deleting data, and it only touches what you approved during setup. If you would rather start on staging, point it there instead. It runs against any environment you control and authorize.

When to run it

Run it whenever you need a real pentest. That covers the annual, audit-ready assessment for SOC 2, ISO 27001, or a customer security review, and it covers the moments in between too: when you ship a feature, before a launch, or any time a change makes you uneasy. Because it is self-serve and repeatable at a fixed price, most teams stop treating a pentest as a once-a-year event and run one whenever the app changes.

It stands on its own as a full pentest. If your security program also brings in manual testers, Barrion makes every one of those engagements more productive: the OWASP Top 10, the API Security Top 10, and all 97 WSTG cases are already covered with reproduced proof, so no one starts from a blank page.

Try it

Create a free account, open AI Pentesting in your dashboard, and set up your first run. Setup takes a few minutes, then the agent goes to work and you can watch findings land in your dashboard before you decide to pay for the full report.

Running a larger estate, want recurring pentests on a schedule, or need the scope and rules of engagement agreed up front? Book a scoping call and we will put a plan together with you. It is the same testing engine underneath either way.

Frequently asked questions

Q: What does self-serve AI pentesting mean?

A: You scope, authorize, and start a full AI penetration test yourself from the Barrion dashboard, with no sales call. This release also deepens the engine, so a run reaches further into your app, and you can go from setup to a running test in minutes.

Q: How much does it cost to start?

A: Nothing upfront. You start the run for free and preview the issues Barrion finds, then pay only to unlock the full report. It is one fixed price per engagement, shown before you pay, with a retest after you patch included. Larger or enterprise engagements can be scoped and quoted on a call.

Q: Will an AI pentest break my application or data?

A: No. Every probe is rate-limited and non-destructive by design, and you approve the scope and any off-limits paths before a single request is sent. Many teams run the first engagement against staging.

Q: How is this different from an automated scanner?

A: A scanner pattern-matches and hands you a list of maybes. Barrion actively attacks the target like an adversary, chains requests, and reproduces every replayable finding inside an isolated Kali sandbox before reporting it, so you get proof-of-exploit rather than unconfirmed alerts.

Q: How long does a run take?

A: The automated run surfaces findings within a few hours, streaming into your dashboard as the agent works. Our security team then reviews the results to verify each finding before the report is finalized, which usually adds no more than a couple of working days. So you see results the same day and get the verified, audit-ready report shortly after.

Q: Does this replace a human pentester?

A: Yes, for most of what teams need a pentest for. It attacks your app like a real adversary and covers the OWASP Top 10, the API Security Top 10, and all 97 WSTG cases with reproduced proof, which is what the large majority of engagements and audits call for. Many teams run it as their core, ongoing pentest, and it also pairs well with a periodic manual engagement if your program includes one.

Related reading

Secure your apps before
someone else finds the gaps.

Trusted by dev teams and agencies for security monitoring and audit-ready reports.