What happened
Assail launched Sidewinder (July 7, 2026), a second-generation redesign of its Ares offensive-security platform built on a new 31B-parameter model that plans its own pentest engagements via 12 specialized agents against a persistent knowledge graph, uses vision-grounded browser automation to find cross-account/BOLA/BFLA flaws, and reviews/repairs its own false positives without human intervention; deployable managed on AWS/Azure/GCP or fully on-prem.
Why it matters
Moves AI-driven pentesting from fixed-script scanning to a persistent, self-correcting autonomous agent fleet with replayable evidence and MITRE ATT&CK-mapped kill chains, pushing continuous validation as a replacement for point-in-time pentests.
Applicability
Security teams currently relying on annual/point-in-time pentesting should evaluate continuous autonomous offensive testing platforms, particularly those needing sovereign/air-gapped deployment options.