The record-breaking autonomous offensive security company extends its full-stack testing to include AI systems, covering web, API, and AI application layers in a single run.
NEW YORK CITY, NY / ACCESS Newswire / June 1, 2026 / Tenzai, the autonomous offensive security company ranked top 1% against 125,000 human hackers across six global platforms, today announced the extension of its AI hacker to include AI applications, enabling enterprise security teams to test the complete attack surface of modern AI systems, from the web layer and APIs through to the AI application itself.
Today’s announcement comes as AI applications enter production at a pace that has outrun existing security infrastructure. Gartner projects that 40% of enterprise applications will embed task-specific AI agents by the end of 2026, up from less than 5% in 2025. A significant share of those applications are being built by AI coding agents, with Tenzai’s own research finding that every major AI coding tool – Cursor, Claude Code, Codex, and Devin – shipped vulnerable code when tested against identical prompts and environments. Independent research corroborates the pattern: 45% of AI-generated code samples introduce OWASP Top 10 vulnerabilities, and the consequences are compounding – March 2026 alone saw more CVEs directly attributed to AI-generated code than all of 2025 combined.
A Different Approach to AI Application Security
Tenzai’s approach to AI application security is different from the market norm. The majority of AI application security tooling in the market today was built from the model outward: it tests whether the model resists prompt injection, whether it leaks training data, or whether guardrails hold. Tenzai’s approach starts from the full attack surface and works inward.
That distinction matters because of what AI application vulnerabilities actually look like in practice. A prompt injection is often the entry point, but the underlying vulnerability is excessive tool authority, a missing authorization check, or a credential that propagates to a workflow that shouldn’t inherit it. These are classic security bugs made reachable through the AI layer. Finding them requires an agent that understands both the AI behavior and the infrastructure it operates in.
When Tenzai’s agent encounters an AI application, it does not run a prompt-injection checklist against the model. It maps the application as a set of actors, instructions, tools, credentials, guardrails, state transitions, and endpoints and generates leads across all of them.
“The most consequential vulnerabilities in AI applications don’t live in the model, they live in what the model-driven agents have access to,” said Pavel Gurvich, CEO and cofounder of Tenzai. “Expanding Tenzai’s AI hacker to AI applications is the natural next step: our hacker already traces attack paths across the web layer, the APIs, and now the AI behavior in the same run, continuously, with every test building on what the last one learned. The findings that matter are almost always chains, so testing one layer in isolation, or testing once a quarter, misses them.”
Watch a demo and read more about Tenzai’s AI application hacking here: LINK
About Tenzai:
Tenzai is an AI-native cybersecurity company building autonomous AI hackers to ensure enterprises deliver unbreakable code. Its platform actively hacks, exploits, and helps fix vulnerabilities across enterprise software – continuously and at scale. Founded in 2025 by cybersecurity veterans Pavel Gurvich, Ariel Zeitlin, Ofri Ziv, Itamar Tal, and Aner Mazur, Tenzai has raised $75 million in seed funding from leading investors including Battery Ventures, Greylock Partners, Lux Capital, and Swish Ventures. Read more: http://www.tenzai.com
Media contact:
Itai Singer, TellNY
[email protected]
SOURCE: Tenzai
