Ridge Security released PurpleRidge 3.0 at RSAC 2026, a self-service penetration testing platform that uses agentic AI to give small and mid-sized businesses the kind of offensive security validation that has traditionally required dedicated teams and six-figure budgets.

The upgrade marks a shift from the platform’s earlier machine-learning architecture to one built on agentic AI, powered by Google Cloud and the Gemini LLM. PurpleRidge runs autonomous penetration tests that combine large language model reasoning with cybersecurity domain expertise, then delivers results without requiring human operators to manage the process.

The target market is clear: SMBs and managed security service providers (MSSPs) that face the same AI-driven threats as enterprises but lack the resources to continuously test their defenses.

“PurpleRidge acts as a dedicated security team for organizations without dedicated resources, tirelessly validating defenses against AI-based attacks and compliance mandates so they can focus on growth,” said Lydia Zhang, President and Co-founder of Ridge Security. “It’s the first solution to combine LLM reasoning with deep cybersecurity expertise in a fully self-service package.”

PurpleRidge 3.0 sits alongside Ridge Security’s enterprise platform, RidgeBot, which handles adversarial risk validation for larger organizations. The company has been recognized by Gartner in its Market Guide for Adversarial Exposure Validation.

Ridge Security is offering 200 free credits to new PurpleRidge accounts during RSAC week, enough to run two full penetration tests.