A Year of Testing Has Cooled Security Teams' Enthusiasm for AI-Run Hacking Drills
Companies that hoped AI could fully replace human security testers have pulled back sharply. New data shows only 9% still trust fully automated systems — down from nearly a third just twelve months ago.

Key points
- The share of organisations willing to rely entirely on AI-powered penetration testing — structured drills where security experts try to break into their own systems to find weaknesses before criminals do — fell from 29% in 2025 to just 9% in 2026, according to a June 25 report by Cobalt, a security-testing firm.
- 78% of companies reported that automated security tools missed serious vulnerabilities — flaws bad enough to let attackers cause real damage — during assessments.
- Microsoft patched 206 unique software flaws in its June 2026 monthly security update, a record number, with AI tools credited for finding many of them.
- Vulnerabilities are being reported at a rate 46% higher than analysts predicted, according to a June 2026 analysis by the Forum of Incident Response and Security Teams (FIRST).
- HackerOne, a firm that runs bug-bounty programmes — competitions where independent researchers earn money for finding security flaws — temporarily paused one such programme because the flood of AI-generated submissions overwhelmed its staff.
One year ago, roughly three in ten security professionals believed that AI could handle their organisation's penetration testing entirely on its own. Penetration testing — often called "pen testing" — is when trained experts deliberately try to break into a company's own systems, mimicking what a real criminal would do, so weaknesses can be fixed before anyone malicious finds them.
That confidence has collapsed.
A report published on June 25 by Cobalt, a firm that sells penetration-testing services, found the share of organisations prepared to trust fully autonomous AI systems with this job dropped from 29% to 9% in a single year. The vast majority now want a human expert involved at every meaningful step.
Why did confidence drop so fast?
The short answer: AI security tools kept missing things that mattered. Nearly four in five companies — 78%, according to Cobalt — found that automated tools produced false negatives, meaning the software looked at a real, serious flaw and reported that everything was fine.
That is a costly kind of mistake. A missed vulnerability is an open door.
At the same time, the tools generated enormous volumes of output, burying security teams in data. "A human expert is needed to decide whether a lead is worth pursuing," said Derek Rush, a senior consultant at offensive-security firm Bishop Fox. Without that judgment, teams are left chasing noise while genuine risks go unaddressed.
Costs compounded the frustration. AI-powered security services bill by usage, and those bills have proven difficult to predict — a pattern security leaders have watched play out in other parts of their organisations too.
Gunter Ollmann, chief technology officer at Cobalt, said chief information security officers — the executives responsible for an organisation's overall security posture — spent the past two years under board pressure to adopt AI everywhere. Now, with a year of real-world results in hand, many have grown cautious.
The problem is partly self-inflicted. AI-assisted programmers are writing more code, faster. More code means more places for flaws to hide. FIRST analysts calculated that new vulnerabilities are being reported at a rate 46% above last year's forecasts — and Microsoft's record-breaking June 2026 update, which patched 206 separate flaws, illustrated exactly where that trend leads. AI found many of those flaws. Human engineers then had to verify each one.
That verification step is now the chokepoint.
"The constraint is no longer discovery; it is the human capacity to verify, coordinate, and patch," FIRST analysts Jerry Gamblin and Eireann Leverett wrote in their assessment.
The emerging consensus, echoed by Cobalt, Bishop Fox, and HackerOne alike, is that AI works best as a tireless first-pass assistant — scanning broadly and continuously — while experienced humans handle the judgment calls. Full autonomy, for now, remains out of reach.
For ordinary people, the practical implication is straightforward: the organisations holding your data are under growing pressure to find and fix security gaps faster than ever. Ask the services you use whether they conduct regular independent security testing — and whether humans are in the loop when the results come back.



