Human + AI Teams: The New Frontier in the War on Cyber Threats

📊 Key Data
  • 68% of enterprise environments remain uninspected annually, leaving vast vulnerabilities exposed.
  • 50,000 vulnerabilities were disclosed in 2025, up from 21,000 in 2021.
  • Synack Red Team (SRT) acceptance rate: less than 10%, ensuring elite human expertise.

🎯 Expert Consensus

Experts agree that continuous, hybrid security validation combining AI and human expertise is essential to counter the growing threat of AI-enabled adversaries and the widening gap in enterprise defense.


NATIONAL HARBOR, MD – May 22, 2026 – As cybersecurity leaders prepare to convene for the Gartner Security & Risk Management Summit, the industry is grappling with a stark reality: defensive strategies are being outpaced by a new breed of AI-enabled adversary. In this high-stakes environment, cybersecurity firm Synack is set to highlight a paradigm shift in security validation, moving away from traditional periodic testing toward a continuous, hybrid model that merges artificial intelligence with elite human expertise.

The urgency is underscored by alarming industry data. A forthcoming 2026 report from Synack and Omdia reveals that while 95% of organizations consider penetration testing a top priority, they only manage to test an average of 32% of their attack surface annually. This leaves a staggering 68% of enterprise environments—a vast and fertile ground for attackers—uninspected and vulnerable at a time when threats operate continuously and at machine speed.

“Traditional pentesting was acceptable when adversaries moved on a human clock. They don’t anymore,” stated Jay Kaplan, CEO and Co-founder of Synack, in a recent announcement. “Organizations now need continuous security validation—combining AI for scale and human expertise for real-world exploitability validation. AI finds more. Humans prove what matters.”

The Widening Gap in Enterprise Defense

The security coverage gap is not merely a statistic; it represents a fundamental breakdown between the speed of modern development and the cadence of traditional security. Enterprises now ship code daily, deploy countless APIs, and scale cloud infrastructure on demand. Each change, however small, alters the attack surface, potentially introducing new vulnerabilities that periodic, calendar-based testing is ill-equipped to find.

This challenge aligns directly with guidance from leading industry analysts. Gartner, for instance, has championed the concept of Continuous Threat Exposure Management (CTEM), a framework designed to help organizations continuously identify, prioritize, and validate their exposures. The research firm predicts that by 2026, organizations that prioritize their security investments based on a CTEM program will be three times less likely to suffer a breach. The industry's move toward continuous models reflects a consensus that point-in-time assessments are no longer sufficient to secure a dynamic and ever-expanding digital footprint.

The problem is compounded by a deluge of disclosed vulnerabilities, which jumped from around 21,000 in 2021 to nearly 50,000 in 2025. Security teams, often expected to do more with less, are overwhelmed, creating a backlog that attackers are all too eager to exploit.

A Hybrid Approach: Machine Scale Meets Human Ingenuity

To address this chasm, Synack is advocating for its “Human + AI” platform, a model designed to provide the scale of automation without sacrificing the critical thinking that only a human expert can provide. This dual-pronged approach is central to its strategy for continuous security validation.

The first component is Sara AI Pentesting, an autonomous agent that emulates the behavior of a human security researcher. Trained on metadata from nearly 10 million hours of security testing, Sara AI performs reconnaissance, maps attack surfaces, and conducts initial exploit validation at a velocity and scale unattainable through manual efforts alone. The goal is to automate the laborious and time-consuming aspects of testing, allowing the AI to quickly identify potential risks across the entire enterprise environment.

However, the platform's core strength lies in its synergy with the Synack Red Team (SRT), a global, vetted community of ethical hackers. With a stringent acceptance rate of less than 10%, the SRT provides the ingenuity, creativity, and contextual understanding that AI currently lacks. These human experts focus on validating the AI's findings and hunting for complex, chained exploits and business logic flaws—vulnerabilities that often lead to the most significant breaches and are notoriously difficult for automated scanners to detect. This human-in-the-loop model, or “copilot approach” as some analysts call it, ensures that security teams receive actionable, verified intelligence, not a flood of false positives.

The Rise of the Machine-Speed Adversary

The push for a hybrid security model is a direct response to the evolution of offensive cyber capabilities. Adversaries are now leveraging AI to automate and accelerate nearly every stage of an attack. AI-powered tools can generate hyper-realistic phishing emails, create polymorphic malware that constantly changes its signature to evade detection, and rapidly scan for vulnerabilities to develop exploits in hours, not weeks.

This automation has effectively eliminated the grace period between the disclosure of a vulnerability and its active exploitation. It has also lowered the barrier to entry, enabling less-skilled actors to launch sophisticated, multi-vector campaigns that would have previously required significant resources and expertise. The modern threat landscape is one where attackers can operate in parallel, launching discovery campaigns across networks, cloud infrastructure, and messaging platforms simultaneously and at marginal cost.

For defenders, this means that reactive security is a losing strategy. The sheer volume and velocity of AI-driven attacks demand a proactive and continuous defensive posture. Security operations must evolve to match this new tempo, embedding validation and testing directly into development pipelines and operational workflows.

Gartner Summit to Spotlight a New Security Paradigm

Synack's presence at the Gartner Security & Risk Management Summit, a key forum for industry leaders, will bring this conversation to the forefront. At its booth, the company plans to offer live demonstrations of its Sara AI agent in action. Furthermore, a theater session titled “Cutting Through AI Noise: Defending Against Machine-Speed Cyber Adversaries” aims to help security leaders differentiate between legacy automation and the emerging Human + AI validation models designed for enterprise scale.

The discussion is timely, as Gartner itself recently introduced a framework for “Continuous Offensive Security Testing” (COST), described as a trigger-driven, intelligence-led model that replaces calendar-based pentesting. This model explicitly calls for a blend of automation, AI, and human expertise to validate security whenever a material risk changes. Synack's approach appears to be in lockstep with this forward-looking guidance, positioning continuous, hybrid validation as the new standard for building operational resilience. As organizations navigate the dual-edged sword of artificial intelligence, the ability to continuously prove their defenses against an intelligent and automated adversary may well become the ultimate measure of security.
