XBOW
@xbow.com
Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://xbow.com/traces
🗓️ Still haven’t registered for this week’s webinar? There’s time!
Join our experts for a trace-level walkthrough of how real IDORs are discovered using creative reasoning, going beyond traditional scanners to find vulnerabilities that others miss.
Register: xbow.com/webinar-trac...
Join our experts for a trace-level walkthrough of how real IDORs are discovered using creative reasoning, going beyond traditional scanners to find vulnerabilities that others miss.
Register: xbow.com/webinar-trac...
February 11, 2026 at 5:53 PM
🗓️ Still haven’t registered for this week’s webinar? There’s time!
Join our experts for a trace-level walkthrough of how real IDORs are discovered using creative reasoning, going beyond traditional scanners to find vulnerabilities that others miss.
Register: xbow.com/webinar-trac...
Join our experts for a trace-level walkthrough of how real IDORs are discovered using creative reasoning, going beyond traditional scanners to find vulnerabilities that others miss.
Register: xbow.com/webinar-trac...
We’re going to #RSAC 📍
Attending? Here’s how to connect with us:
👋 Meet our team at Booth #1843
💬 Chat 1:1 with our experts
▶️ Catch live demos
🗓 Pick the brains of our founders and executive team about the future of offensive security in the AI-threat landscape
🔗 https://bit.ly/4qWj9Db
Attending? Here’s how to connect with us:
👋 Meet our team at Booth #1843
💬 Chat 1:1 with our experts
▶️ Catch live demos
🗓 Pick the brains of our founders and executive team about the future of offensive security in the AI-threat landscape
🔗 https://bit.ly/4qWj9Db
February 10, 2026 at 2:00 PM
We’re going to #RSAC 📍
Attending? Here’s how to connect with us:
👋 Meet our team at Booth #1843
💬 Chat 1:1 with our experts
▶️ Catch live demos
🗓 Pick the brains of our founders and executive team about the future of offensive security in the AI-threat landscape
🔗 https://bit.ly/4qWj9Db
Attending? Here’s how to connect with us:
👋 Meet our team at Booth #1843
💬 Chat 1:1 with our experts
▶️ Catch live demos
🗓 Pick the brains of our founders and executive team about the future of offensive security in the AI-threat landscape
🔗 https://bit.ly/4qWj9Db
Real attackers. Real results.
In just a few clicks, see how your apps stand up to real-world attackers and get a clear path forward.
Learn if your team qualifies for a free Lightspeed pre-flight: https://xbow.com/pentest-lightspeed
#AppSec #OffensiveSecurity #Cybersecurity
In just a few clicks, see how your apps stand up to real-world attackers and get a clear path forward.
Learn if your team qualifies for a free Lightspeed pre-flight: https://xbow.com/pentest-lightspeed
#AppSec #OffensiveSecurity #Cybersecurity
February 9, 2026 at 9:53 PM
Real attackers. Real results.
In just a few clicks, see how your apps stand up to real-world attackers and get a clear path forward.
Learn if your team qualifies for a free Lightspeed pre-flight: https://xbow.com/pentest-lightspeed
#AppSec #OffensiveSecurity #Cybersecurity
In just a few clicks, see how your apps stand up to real-world attackers and get a clear path forward.
Learn if your team qualifies for a free Lightspeed pre-flight: https://xbow.com/pentest-lightspeed
#AppSec #OffensiveSecurity #Cybersecurity
XBOW bridges the gap between automated scanning and manual testing.
The result: creative reasoning that doesn’t stop at 403s or 502s, and uncovers real threats.
The Hacker News on two newly discovered IDORs in Spree: https://bit.ly/4bFH19x
The result: creative reasoning that doesn’t stop at 403s or 502s, and uncovers real threats.
The Hacker News on two newly discovered IDORs in Spree: https://bit.ly/4bFH19x
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.
thehackernews.com
February 9, 2026 at 6:25 PM
XBOW bridges the gap between automated scanning and manual testing.
The result: creative reasoning that doesn’t stop at 403s or 502s, and uncovers real threats.
The Hacker News on two newly discovered IDORs in Spree: https://bit.ly/4bFH19x
The result: creative reasoning that doesn’t stop at 403s or 502s, and uncovers real threats.
The Hacker News on two newly discovered IDORs in Spree: https://bit.ly/4bFH19x
📣 XBOW is now available on AWS Marketplace!
AWS customers can now purchase XBOW through their existing workflows & use committed spend, while getting pentest results in hours, backed by real exploit validation.
Read about the partnership & a limited-time 50% for XBOW Lightspeed: bit.ly/4qnVrPk
AWS customers can now purchase XBOW through their existing workflows & use committed spend, while getting pentest results in hours, backed by real exploit validation.
Read about the partnership & a limited-time 50% for XBOW Lightspeed: bit.ly/4qnVrPk
February 5, 2026 at 7:00 PM
📣 XBOW is now available on AWS Marketplace!
AWS customers can now purchase XBOW through their existing workflows & use committed spend, while getting pentest results in hours, backed by real exploit validation.
Read about the partnership & a limited-time 50% for XBOW Lightspeed: bit.ly/4qnVrPk
AWS customers can now purchase XBOW through their existing workflows & use committed spend, while getting pentest results in hours, backed by real exploit validation.
Read about the partnership & a limited-time 50% for XBOW Lightspeed: bit.ly/4qnVrPk
Come see XBOW in action 🔍
Learn how IDORs are discovered and exploited in practice.
Leave with insight into:
• Why scanners fail at IDORs
• How agentic reasoning over objects, roles, and auth states finds and stops them
Register: https://bit.ly/3ZNIQdg
Learn how IDORs are discovered and exploited in practice.
Leave with insight into:
• Why scanners fail at IDORs
• How agentic reasoning over objects, roles, and auth states finds and stops them
Register: https://bit.ly/3ZNIQdg
February 5, 2026 at 3:24 PM
Come see XBOW in action 🔍
Learn how IDORs are discovered and exploited in practice.
Leave with insight into:
• Why scanners fail at IDORs
• How agentic reasoning over objects, roles, and auth states finds and stops them
Register: https://bit.ly/3ZNIQdg
Learn how IDORs are discovered and exploited in practice.
Leave with insight into:
• Why scanners fail at IDORs
• How agentic reasoning over objects, roles, and auth states finds and stops them
Register: https://bit.ly/3ZNIQdg
Aim for what matters every time. 🎯
Hear from our partner Rhymetec about how they conduct AI-powered pentesting in real-world deployments.
Here’s what autonomous offensive security in action looks like: https://bit.ly/4q95DLc
Hear from our partner Rhymetec about how they conduct AI-powered pentesting in real-world deployments.
Here’s what autonomous offensive security in action looks like: https://bit.ly/4q95DLc
February 4, 2026 at 6:56 PM
Aim for what matters every time. 🎯
Hear from our partner Rhymetec about how they conduct AI-powered pentesting in real-world deployments.
Here’s what autonomous offensive security in action looks like: https://bit.ly/4q95DLc
Hear from our partner Rhymetec about how they conduct AI-powered pentesting in real-world deployments.
Here’s what autonomous offensive security in action looks like: https://bit.ly/4q95DLc
Most IDORs aren’t “guess the next number.” They hide in real authorization logic.
In our latest Tales from the Trace, XBOW uncovered two zero-day IDORs by reasoning through the app like a pentester, even after 403s and 502s.
Check it out: https://bit.ly/4kmlmpg
In our latest Tales from the Trace, XBOW uncovered two zero-day IDORs by reasoning through the app like a pentester, even after 403s and 502s.
Check it out: https://bit.ly/4kmlmpg
February 4, 2026 at 1:09 PM
Most IDORs aren’t “guess the next number.” They hide in real authorization logic.
In our latest Tales from the Trace, XBOW uncovered two zero-day IDORs by reasoning through the app like a pentester, even after 403s and 502s.
Check it out: https://bit.ly/4kmlmpg
In our latest Tales from the Trace, XBOW uncovered two zero-day IDORs by reasoning through the app like a pentester, even after 403s and 502s.
Check it out: https://bit.ly/4kmlmpg
Traditional DAST ≠ dev-friendly.
That's why we go beyond traditional DAST, delivering AI-generated vulnerability reports that provide real exploit paths, app behavior, and code context, so teams can fix faster.
Read more in Tales from the Trace 👉 https://bit.ly/4rr5Jz1
That's why we go beyond traditional DAST, delivering AI-generated vulnerability reports that provide real exploit paths, app behavior, and code context, so teams can fix faster.
Read more in Tales from the Trace 👉 https://bit.ly/4rr5Jz1
February 3, 2026 at 6:53 PM
Traditional DAST ≠ dev-friendly.
That's why we go beyond traditional DAST, delivering AI-generated vulnerability reports that provide real exploit paths, app behavior, and code context, so teams can fix faster.
Read more in Tales from the Trace 👉 https://bit.ly/4rr5Jz1
That's why we go beyond traditional DAST, delivering AI-generated vulnerability reports that provide real exploit paths, app behavior, and code context, so teams can fix faster.
Read more in Tales from the Trace 👉 https://bit.ly/4rr5Jz1
The AI arms race doesn’t mean defenders lose.
Our CEO, Oege de Moor, joined @economist.com’s new "Boss Class" podcast to discuss how AI is accelerating real-world pentesting and ultimately giving the good guys better tools.
Link in replies 🔗
Our CEO, Oege de Moor, joined @economist.com’s new "Boss Class" podcast to discuss how AI is accelerating real-world pentesting and ultimately giving the good guys better tools.
Link in replies 🔗
February 3, 2026 at 4:02 PM
The AI arms race doesn’t mean defenders lose.
Our CEO, Oege de Moor, joined @economist.com’s new "Boss Class" podcast to discuss how AI is accelerating real-world pentesting and ultimately giving the good guys better tools.
Link in replies 🔗
Our CEO, Oege de Moor, joined @economist.com’s new "Boss Class" podcast to discuss how AI is accelerating real-world pentesting and ultimately giving the good guys better tools.
Link in replies 🔗
Introducing the XBOW Public API
Run expert-level pentests at machine speed, now at infrastructure scale.
Embed autonomous pentesting directly into your workflows: launch assessments, pull findings, stream results via webhooks, and more.
Read the announcement: https://bit.ly/45Kkq7V
Run expert-level pentests at machine speed, now at infrastructure scale.
Embed autonomous pentesting directly into your workflows: launch assessments, pull findings, stream results via webhooks, and more.
Read the announcement: https://bit.ly/45Kkq7V
February 2, 2026 at 4:01 PM
Introducing the XBOW Public API
Run expert-level pentests at machine speed, now at infrastructure scale.
Embed autonomous pentesting directly into your workflows: launch assessments, pull findings, stream results via webhooks, and more.
Read the announcement: https://bit.ly/45Kkq7V
Run expert-level pentests at machine speed, now at infrastructure scale.
Embed autonomous pentesting directly into your workflows: launch assessments, pull findings, stream results via webhooks, and more.
Read the announcement: https://bit.ly/45Kkq7V
Can XBOW hack your app?
Find out how your app holds up against real-world attackers.
👉 See for yourself: https://bit.ly/49WNjPy
Find out how your app holds up against real-world attackers.
👉 See for yourself: https://bit.ly/49WNjPy
January 29, 2026 at 6:59 PM
Can XBOW hack your app?
Find out how your app holds up against real-world attackers.
👉 See for yourself: https://bit.ly/49WNjPy
Find out how your app holds up against real-world attackers.
👉 See for yourself: https://bit.ly/49WNjPy
New look. Same mission. 🏹
Our visual identity is evolving, but our focus hasn’t changed: redefining how organizations think about offensive security by transforming application security with AI-powered, continuous offense.
Explore what’s new: https://bit.ly/3ZDQVkx
Our visual identity is evolving, but our focus hasn’t changed: redefining how organizations think about offensive security by transforming application security with AI-powered, continuous offense.
Explore what’s new: https://bit.ly/3ZDQVkx
January 26, 2026 at 5:53 PM
New look. Same mission. 🏹
Our visual identity is evolving, but our focus hasn’t changed: redefining how organizations think about offensive security by transforming application security with AI-powered, continuous offense.
Explore what’s new: https://bit.ly/3ZDQVkx
Our visual identity is evolving, but our focus hasn’t changed: redefining how organizations think about offensive security by transforming application security with AI-powered, continuous offense.
Explore what’s new: https://bit.ly/3ZDQVkx
We’re thrilled to welcome WonLae Lee, a respected offensive security leader with decades of experience, as General Manager of South Korea. His leadership will play a key role as XBOW continues to grow across the Asia-Pacific region! https://bit.ly/49yjRR4
January 22, 2026 at 3:58 PM
We’re thrilled to welcome WonLae Lee, a respected offensive security leader with decades of experience, as General Manager of South Korea. His leadership will play a key role as XBOW continues to grow across the Asia-Pacific region! https://bit.ly/49yjRR4
Where security goes on offense.
Trained by top hackers, proven in the wild. Ranked #1 on HackerOne worldwide leaderboard.
Explore it during our limited 10-day promotion. xbow.com/pentest
Trained by top hackers, proven in the wild. Ranked #1 on HackerOne worldwide leaderboard.
Explore it during our limited 10-day promotion. xbow.com/pentest
December 16, 2025 at 5:48 PM
Where security goes on offense.
Trained by top hackers, proven in the wild. Ranked #1 on HackerOne worldwide leaderboard.
Explore it during our limited 10-day promotion. xbow.com/pentest
Trained by top hackers, proven in the wild. Ranked #1 on HackerOne worldwide leaderboard.
Explore it during our limited 10-day promotion. xbow.com/pentest
Seznam needed answers fast.
XBOW delivered. ⚡
Real pentest results. No drag. No drama.
For a limited time, we’re offering the same fast-track pentest experience and we will guarantee an exploit-validated security finding or you don’t pay.
⏰ Offer ends 12/26.
👉 xbow.com/pentest
XBOW delivered. ⚡
Real pentest results. No drag. No drama.
For a limited time, we’re offering the same fast-track pentest experience and we will guarantee an exploit-validated security finding or you don’t pay.
⏰ Offer ends 12/26.
👉 xbow.com/pentest
December 15, 2025 at 4:55 PM
Seznam needed answers fast.
XBOW delivered. ⚡
Real pentest results. No drag. No drama.
For a limited time, we’re offering the same fast-track pentest experience and we will guarantee an exploit-validated security finding or you don’t pay.
⏰ Offer ends 12/26.
👉 xbow.com/pentest
XBOW delivered. ⚡
Real pentest results. No drag. No drama.
For a limited time, we’re offering the same fast-track pentest experience and we will guarantee an exploit-validated security finding or you don’t pay.
⏰ Offer ends 12/26.
👉 xbow.com/pentest
Pentests that take weeks cannot secure software that changes daily.
🚀 XBOW Lightspeed provides expert-level testing in hours with autonomous offensive security.
📍 See it live at Booth 215 today!
🚀 XBOW Lightspeed provides expert-level testing in hours with autonomous offensive security.
📍 See it live at Booth 215 today!
December 10, 2025 at 9:25 AM
Pentests that take weeks cannot secure software that changes daily.
🚀 XBOW Lightspeed provides expert-level testing in hours with autonomous offensive security.
📍 See it live at Booth 215 today!
🚀 XBOW Lightspeed provides expert-level testing in hours with autonomous offensive security.
📍 See it live at Booth 215 today!
🗓️ Today at the AI Summit join our talk on The Autonomous Offense Era: Securing a World Where Attackers Don’t Sleep
XBOW's Nico, Aqueel, and Sarah unpack autonomous exploitation, what works, what fails, and what to expect next.
📍 Find us at Booth 215 for live walkthroughs after the session.
XBOW's Nico, Aqueel, and Sarah unpack autonomous exploitation, what works, what fails, and what to expect next.
📍 Find us at Booth 215 for live walkthroughs after the session.
December 9, 2025 at 10:12 AM
🗓️ Today at the AI Summit join our talk on The Autonomous Offense Era: Securing a World Where Attackers Don’t Sleep
XBOW's Nico, Aqueel, and Sarah unpack autonomous exploitation, what works, what fails, and what to expect next.
📍 Find us at Booth 215 for live walkthroughs after the session.
XBOW's Nico, Aqueel, and Sarah unpack autonomous exploitation, what works, what fails, and what to expect next.
📍 Find us at Booth 215 for live walkthroughs after the session.
Huge appreciation to the Seznam team!
On their first demo, XBOW identified a critical vulnerability with zero access and zero prep, just autonomous offensive security doing real work for a real customer.
It’s the kind of partnership that proves what matters.
www.youtube.com/watch?v=w4L2...
On their first demo, XBOW identified a critical vulnerability with zero access and zero prep, just autonomous offensive security doing real work for a real customer.
It’s the kind of partnership that proves what matters.
www.youtube.com/watch?v=w4L2...
The Real Impact of AI on Security Testing | XBOW & Seznam
AI is transforming cybersecurity, but can it actually discover real vulnerabilities? In this XBOW & Seznam case study, we break down the practical impact of ...
www.youtube.com
December 8, 2025 at 6:14 PM
Huge appreciation to the Seznam team!
On their first demo, XBOW identified a critical vulnerability with zero access and zero prep, just autonomous offensive security doing real work for a real customer.
It’s the kind of partnership that proves what matters.
www.youtube.com/watch?v=w4L2...
On their first demo, XBOW identified a critical vulnerability with zero access and zero prep, just autonomous offensive security doing real work for a real customer.
It’s the kind of partnership that proves what matters.
www.youtube.com/watch?v=w4L2...
Black Hat Europe starts today!
📍 Booth 215 all week. Autonomous multi-agent offense. Human-level testing in hours. Full exploit validation.
Come see it live.
📍 Booth 215 all week. Autonomous multi-agent offense. Human-level testing in hours. Full exploit validation.
Come see it live.
December 8, 2025 at 11:56 AM
Black Hat Europe starts today!
📍 Booth 215 all week. Autonomous multi-agent offense. Human-level testing in hours. Full exploit validation.
Come see it live.
📍 Booth 215 all week. Autonomous multi-agent offense. Human-level testing in hours. Full exploit validation.
Come see it live.
AI-enabled attackers have already accelerated.
The question: can your offensive security match their speed?
Next week at Black Hat Europe, we’re showing how autonomous offense closes the security scale gap with human-level testing in hours.
Let us show you how @ booth #215
The question: can your offensive security match their speed?
Next week at Black Hat Europe, we’re showing how autonomous offense closes the security scale gap with human-level testing in hours.
Let us show you how @ booth #215
December 5, 2025 at 1:13 PM
AI-enabled attackers have already accelerated.
The question: can your offensive security match their speed?
Next week at Black Hat Europe, we’re showing how autonomous offense closes the security scale gap with human-level testing in hours.
Let us show you how @ booth #215
The question: can your offensive security match their speed?
Next week at Black Hat Europe, we’re showing how autonomous offense closes the security scale gap with human-level testing in hours.
Let us show you how @ booth #215
Pentests that take weeks can’t secure software that changes daily.
XBOW Lightspeed uses autonomous multi-agent offense to deliver human-level testing in hours, with full exploit validation and continuous coverage.
xbow.com/pentest
XBOW Lightspeed uses autonomous multi-agent offense to deliver human-level testing in hours, with full exploit validation and continuous coverage.
xbow.com/pentest
December 3, 2025 at 7:56 PM
Pentests that take weeks can’t secure software that changes daily.
XBOW Lightspeed uses autonomous multi-agent offense to deliver human-level testing in hours, with full exploit validation and continuous coverage.
xbow.com/pentest
XBOW Lightspeed uses autonomous multi-agent offense to deliver human-level testing in hours, with full exploit validation and continuous coverage.
xbow.com/pentest
1/ XBOW Unleashes GPT-5’s Hidden Hacking Power.
OpenAI
's initial assessment of GPT-5 showed modest cyber capabilities. But when integrated into the XBOW platform, we saw a completely different story: performance more than doubled.
More on what we found: 🧵
OpenAI
's initial assessment of GPT-5 showed modest cyber capabilities. But when integrated into the XBOW platform, we saw a completely different story: performance more than doubled.
More on what we found: 🧵
August 15, 2025 at 9:31 PM
1/ XBOW Unleashes GPT-5’s Hidden Hacking Power.
OpenAI
's initial assessment of GPT-5 showed modest cyber capabilities. But when integrated into the XBOW platform, we saw a completely different story: performance more than doubled.
More on what we found: 🧵
OpenAI
's initial assessment of GPT-5 showed modest cyber capabilities. But when integrated into the XBOW platform, we saw a completely different story: performance more than doubled.
More on what we found: 🧵
See autonomous pentesting live at #BlackHat!
Next week, XBOW will run on active HackerOne programs from the expo floor.
Watch AI agents find and validate real vulns—fast.
📍 Booth 3257
Next week, XBOW will run on active HackerOne programs from the expo floor.
Watch AI agents find and validate real vulns—fast.
📍 Booth 3257
August 1, 2025 at 5:00 PM
See autonomous pentesting live at #BlackHat!
Next week, XBOW will run on active HackerOne programs from the expo floor.
Watch AI agents find and validate real vulns—fast.
📍 Booth 3257
Next week, XBOW will run on active HackerOne programs from the expo floor.
Watch AI agents find and validate real vulns—fast.
📍 Booth 3257
XBOW is now the #1 hacker on HackerOne, globally.
For the first time, our autonomous AI pentester tops the worldwide leaderboard.
Next week at #BlackHat, we’re taking it live:
We’ll run real-time on HackerOne programs—come see XBOW find vulnerabilities.
📍 Booth 3257
For the first time, our autonomous AI pentester tops the worldwide leaderboard.
Next week at #BlackHat, we’re taking it live:
We’ll run real-time on HackerOne programs—come see XBOW find vulnerabilities.
📍 Booth 3257
July 31, 2025 at 10:02 PM
XBOW is now the #1 hacker on HackerOne, globally.
For the first time, our autonomous AI pentester tops the worldwide leaderboard.
Next week at #BlackHat, we’re taking it live:
We’ll run real-time on HackerOne programs—come see XBOW find vulnerabilities.
📍 Booth 3257
For the first time, our autonomous AI pentester tops the worldwide leaderboard.
Next week at #BlackHat, we’re taking it live:
We’ll run real-time on HackerOne programs—come see XBOW find vulnerabilities.
📍 Booth 3257