Hadrian has launched Nova, an agentic pentesting solution that extends its external exposure management platform with on-demand, autonomous penetration testing capabilities. The announcement was made at RSAC 2026 in San Francisco.

Nova is designed to replace the slow, expensive cycle of scheduling human-led penetration tests. Instead of waiting weeks for a firm to engage and deliver results, Nova runs continuously, replicating the methodologies of offensive security professionals without the capacity limits or scheduling friction of human-driven engagements.

Key capabilities include deep attack path exploration, context-rich asset analysis, expert-level offensive reasoning at scale, customer-controlled scoping and repeatability, and transparent execution with validated findings. The platform also supports human-and-AI collaboration, combining machine-scale testing with expert review, and includes compliance support for organizations with audit requirements.

Rogier Fischer, Co-founder and CEO of Hadrian, framed the urgency this way: “AI-driven automation now allows attackers to weaponize vulnerabilities at machine speed and attackers don’t wait. They probe continuously, opportunistically, at scale, and they only need one gap to get in. In this new landscape, Nova enables security teams to answer the question that matters most: What could attackers realistically do to us right now?”

Fischer added: “Agentic Pentesting gives security teams the same speed advantage attackers have, but with the validation needed for effective defense. By combining on demand, AI-driven pentesting with human-in-the-loop verification, teams can validate their entire external perimeter as often as the business demands, with confidence that every finding is legitimate and every fix actually reduces risk.”

Hadrian’s existing platform already cuts through 99.5% of false positives and delivers step-by-step remediation guidance. The company reports that customers reduce time to resolution by 80%. Hadrian holds SOC 2 Type II and ISO 27001 certifications and has been recognized as a Leader and Outperformer in the GigaOm Radar for Attack Surface Management for three consecutive years.

Nova is available immediately. Pricing is per-test rather than subscription-based, allowing organizations to run tests as often as needed without committing to a retainer. Proof-of-value engagements are available at hadrian.io.