2026 WINNER · CYBERSECURITY STARS AWARDS

Novee Security · Continuous AI Penetration Testing Platform

Best Autonomous Penetration Testing Platform
Company
Novee Cyber Security
Location
United States
Website
novee.security
Team Size
10 - 49 employees
01

Overview

Novee (novee.security) is an AI penetration testing platform built to secure constantly changing environments against attackers who operate at machine speed. Its purpose-trained AI reasons like a real attacker, continuously uncovers novel attack paths, and delivers precise, tailored fixes so teams can stay a step ahead. Founded by national-level offensive security leaders Ido Geffen, Gon Chalamish, and Omer Ninburg, Novee raised $51.5 million within four months of its inception from investors including YL Ventures, Canaan Partners, and Zeev Ventures.

02

Key Capabilities

Novee is an AI-powered offensive security platform that combines an AI attacker and an AI defender in one continuous penetration testing system, built to reason, adapt and execute like an experienced attacker. It continuously maps an organization's live environment and learns how each asset works, then generates and tests application-specific attack hypotheses across every application to find the vulnerabilities that matter most: business logic flaws, authorization gaps, and chained attack paths. Each finding is validated with a working exploit and reproducible steps, after which the platform guides teams through verified remediation.

At the core of the platform are two proprietary systems: Novee's Omni-Model Offensive System and its Asset Intelligence Model. The Omni-Model Offensive System uses Novee's own offensive model alongside continuously benchmarked frontier models, selecting the best model for each task and coordinating specialized AI agents across each stage of the offensive testing lifecycle: mappers, analyzers, planners, hunters, validators, and fixers. Each agent is purpose-built for its role, and each role is continuously re-benchmarked so that the top-performing model is promoted into it.

In tandem, the Asset Intelligence Model builds a living understanding of each application: its roles, permissions, workflows, APIs and trust boundaries. This context compounds with every testing cycle, letting Novee uncover vulnerabilities that scanners and point-in-time pentests often miss.

It provides visibility into:

  • Business logic flaws
  • Authorization gaps
  • Workflow manipulation
  • Cross-tenant access issues and chained attack paths

Novee learns how an application is supposed to work, then systematically tests the ways it can be broken. Beyond discovery, every reported finding is validated by multiple independent agents and, where possible, by deterministic checks. Findings ship with a working exploit, replication steps and a proof-of-concept script, so security teams can focus on real, exploitable risk rather than theoretical alerts. At remediation time, the platform provides guidance tailored to the organization's WAF, backend, tech stack and codebase, then automatically retests to confirm that the fix held and did not introduce new risk.
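The cross-tenant access findings listed above are the kind a deterministic check can confirm with a replayable request. The following is an added example, not Novee's code or method: a small harness that drives an in-memory stand-in for a multi-tenant API (the `FakeTenantApi` class, the tenants, tokens and object IDs are all constructed for the example) with each tenant's credentials and records every object one tenant can read with another tenant's token, plus any object readable with no token at all.

```python
"""Deterministic cross-tenant access check (added example, not Novee's code).

Every tenant's objects are requested with every other tenant's bearer token
and with no token. A 200 on someone else's object is a finding, and each
finding carries the exact request to replay after a fix lands.
"""
import itertools
from dataclasses import dataclass


@dataclass(frozen=True)
class Tenant:
    name: str
    token: str         # bearer token issued to this tenant (constructed)
    object_ids: tuple  # objects this tenant legitimately owns


class FakeTenantApi:
    """Stand-in for GET /objects/{id} (constructed for the example).

    With enforce_owner=False it behaves like an app that authenticates the
    caller but never checks object ownership: the classic IDOR/tenant gap.
    """

    def __init__(self, tenants, enforce_owner):
        self.enforce_owner = enforce_owner
        self.token_to_tenant = {t.token: t.name for t in tenants}
        self.owner_of = {oid: t.name for t in tenants for oid in t.object_ids}

    def get_object(self, token, object_id):
        """Return (status, body) the way an HTTP client would see it."""
        caller = self.token_to_tenant.get(token)
        if caller is None:
            return 401, None                    # missing or invalid credentials
        owner = self.owner_of.get(object_id)
        if owner is None:
            return 404, None
        if self.enforce_owner and owner != caller:
            return 404, None                    # do not reveal existence across tenants
        return 200, {"id": object_id, "owner": owner}


def cross_tenant_findings(api, tenants):
    """Return a list of findings; an empty list means isolation held."""
    findings = []
    for victim in tenants:
        for oid in victim.object_ids:
            # Baseline oracle: the owner must be able to read the object,
            # otherwise a denial to anyone else proves nothing.
            if api.get_object(victim.token, oid)[0] != 200:
                continue
            # Unauthenticated read: no token at all.
            if api.get_object("", oid)[0] == 200:
                findings.append({
                    "type": "unauthenticated-read",
                    "victim": victim.name,
                    "object_id": oid,
                    "replay": f"GET /objects/{oid} (no Authorization header)",
                })
            # Cross-tenant read: every other tenant's token against this object.
            for attacker in tenants:
                if attacker is victim:
                    continue
                status, body = api.get_object(attacker.token, oid)
                if status == 200 and body and body.get("owner") == victim.name:
                    findings.append({
                        "type": "cross-tenant-read",
                        "attacker": attacker.name,
                        "victim": victim.name,
                        "object_id": oid,
                        "replay": f"GET /objects/{oid} Authorization: Bearer {attacker.token}",
                    })
    return findings


# Constructed sample tenants; names, tokens and IDs are placeholders.
SAMPLE_TENANTS = (
    Tenant("acme", "tok-acme", ("obj-1", "obj-2")),
    Tenant("globex", "tok-globex", ("obj-9",)),
)


def run_before_and_after_fix():
    """Run the check against the vulnerable app and the fixed app."""
    before = cross_tenant_findings(FakeTenantApi(SAMPLE_TENANTS, enforce_owner=False), SAMPLE_TENANTS)
    after = cross_tenant_findings(FakeTenantApi(SAMPLE_TENANTS, enforce_owner=True), SAMPLE_TENANTS)
    return before, after


if __name__ == "__main__":
    before, after = run_before_and_after_fix()
    for f in before:
        print(f"{f['type']}: {f['replay']}")
    print(f"findings before fix: {len(before)}, after fix: {len(after)}")
```

Against a real target the `FakeTenantApi` would be replaced by an HTTP client, but the shape of the check stays the same: the owner request is the oracle, every other credential is the probe, and each finding is a literal request a developer can replay to confirm the retest after remediation.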

Novee supports black-box, gray-box and white-box testing, and can start from nothing more than a domain name, with no source code or internal setup. Unlike the token-based pricing common among generic LLM pentesting tools, Novee's per-asset pricing lets organizations test as deeply and as often as they need without cost rising with testing depth or frequency. The result is autonomous pentesting that gives security teams a repeatable way to test what attackers actually see as their environments change.

Novee also extends autonomous testing to modern AI attack surfaces, including AI agents and LLM-powered applications, where risk often emerges from context, chaining and unintended interactions between components rather than from a single flaw.

03

How we are different

Novee is different because it does not simply automate a checklist of known vulnerability classes. It combines omni-model offensive reasoning, autonomous execution and deep asset intelligence to make penetration testing continuous, adaptive and context-aware, and after each run it produces detailed remediation guidance that security teams and developers can act on.

Traditional automated scanners can run continuously, but they lack the context to understand how an application is supposed to work, so they often miss the business logic flaws, authorization gaps, workflow manipulation and chained attack paths that lead to real breaches. Manual pentesting delivers that depth, but only at a point in time and across a limited portion of the environment. Novee brings the two together: the depth of skilled offensive reasoning with the speed, scale and continuity of AI.

That matters because modern applications change continuously. Code ships daily, AI accelerates development, and every deployment can reshape the attack surface; the system you tested last week is already a different system today. Novee closes that gap by running on demand or whenever changes are introduced, keeping security validation aligned with the pace of development.

Novee's case studies support this differentiation. UiPath, a leading agentic automation platform, uses Novee to continuously validate tenant isolation across its multi-tenant SaaS environment, a security boundary its CISO described as "non-negotiable." Novee adapted to UiPath's product within days and now provides ongoing validation that tenant isolation holds against real attacker techniques.

JB Poindexter & Co. is one of the largest truck body manufacturers in North America, supplying major fleets such as Ryder, UPS and FedEx from Houston, Texas. When its CISO set out to modernize the company's offensive testing program, he was not looking for another compliance exercise; he wanted validation that would hold up in his actual environment, against the vulnerabilities attackers could actually exploit. The company partnered with Novee and found critical vulnerabilities with real business impact on day one of the engagement, which has since grown into an ongoing partnership with constant communication and active collaboration.

Novee's differentiation is also backed by its research team, which is already uncovering real vulnerabilities in AI and developer tooling. The Hacker News recently covered Novee Security's research into a CVSS 10 remote code execution issue in Google's Gemini CLI npm package and its GitHub Actions workflow, in which malicious content could be loaded as Gemini configuration and trigger host-level command execution before the agent sandbox initialized. The same article highlighted Novee's research into a high-severity Cursor vulnerability that could lead to arbitrary code execution through prompt injection combined with Git feature interaction.
