XBOW (@Xbow) / X

XBOW

343 posts

XBOW

@Xbow

Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. xbow.com

Seattle, Washington, USA

Joined May 2007

Pinned
XBOW
@Xbow
Nov 12, 2025
Expert-level pentesting. On demand. Starting today. → Launch in minutes → Results in 5 days → Validated, reproducible, compliance-ready 🗓️ Live demo walkthrough tomorrow: xbow.com/pentest-webinar
00:00
21K
XBOW
@Xbow
5h
“Exploit proof” needs to rise to the top of your remediation program as a key modifier for findings, rather than trying to boil the ocean, says Moderna Deputy CISO Farzan Karimi in a recent webinar with XBOW co-founder @nicowaisman. Hear more from Farzan below. Watch full
00:00
766
XBOW
@Xbow
Jun 24
The Five Eyes cyber security agencies just set a timeline for what many security leaders already know: AI-driven cyber risk is arriving in the next few months. From their June 22 statement: “As the leaders of the Five Eyes cyber security agencies, we are united in our call to
882
XBOW
@Xbow
Jun 24
How does XBOW identify business logic flaws? Hear from XBOW security researcher @pwntester in the clip below. Get more of his thoughts on business logic flaws and how to address them in his new blog: bit.ly/4fKEpsP
00:00
1.2K
XBOW
@Xbow
Jun 23
In a new episode of the Cyberwire podcast, “Vulnerability response. Built for humans, outpaced by machines,” XBOW Head of Security Labs @fede_k shares his perspective on vulnerability management when frontier models are finding the flaws. Listen to the episode:
1.1K
XBOW
@Xbow
Jun 23
What would it take to build an AI-powered offensive security tool? We highlight the cost below. Get full details in our new whitepaper: bit.ly/4eqcEDH
GIF
1.3K
XBOW
@Xbow
Jun 22
Why do you need a harness around a model for offensive security? XBOW Head of Security Labs @fede_k explains on the Application Security Weekly podcast. See clip below. Watch full episode: bit.ly/4uKbclK
00:00
1.6K
XBOW
@Xbow
Jun 18
Why are design flaws like IDOR so hard to find with automation? XBOW security researcher @pwntester explains in the clip below. Get more of his thoughts on business logic flaws and how to address them in his new blog: bit.ly/4fKEpsP
00:00
995
XBOW
@Xbow
Jun 18
We're looking forward to meeting the AppSec community at @owasp Global AppSec EU 2026 to discuss how autonomous offensive security continuously validates exploitable risk with evidence, helping teams prioritize based on exploitability, not assumptions. Join us at OWASP EU to see
727
XBOW
@Xbow
Jun 17
If an organization can point a powerful language model at an application and unearth findings, is it effectively running a penetration test? Our new whitepaper breaks down where LLMs are powerful tools for pentesting, and where they need more support. It also details how XBOW
1.2K
XBOW
@Xbow
Jun 17
Join us for a live session with XBOW solution architect @loiliangyang at 1:30PM Singapore time this Wednesday! Loi will explain how XBOW autonomously emulates real attacker behavior to uncover and validate exploitable weaknesses in enterprise organizations. Learn how you can
658
XBOW
@Xbow
Jun 16
XBOW is changing the world! We’re thrilled to announce that XBOW has been named a winner of @FastCompany's 2026 World Changing Ideas Awards in the Business Products & Services category. “This year’s honorees are turning bold ideas into tangible solutions and addressing urgent
1.2K
XBOW
@Xbow
Jun 15
Security teams are being asked to make decisions faster, with more findings and less signal. We're looking forward to joining security leaders from across the financial sector at @FSISAC 2026 EMEA Summit this week to discuss how autonomous offensive security continuously
841