BOSTON, June 2, 2026. SpartanX, the world's only full-stack AI-powered autonomous red teaming platform, today announced the release of NodeX, a new Internal Attack Capability which extends SpartanX's External Attack Platform. In parallel, the company released Targeted Attack Validation (TAV) which ingests findings from Tenable, Rapid7, Qualys, and more than 150 security tools, validating novel exploitations through chained attack paths, thereby reducing scanner noise to a small number of confirmed-exploitable, evidence-backed priorities.
A First for the Market: End-to-End Autonomous Red Teaming
Until today, every other autonomous red teaming platform has focused on the external attack surface: anything an attacker on the open internet can see. Internal validation has remained the domain of scheduled, human-led penetration tests, performed quarterly at best, and often not at all. With NodeX, the Internal Attack Capability, SpartanX deploys the same 600+ agent swarm that operates externally for some of the world's leading organizations. NodeX's agents enumerate Active Directory and Entra ID at depth, walk machine identities and service accounts, probe internal APIs and east-west segmentation, and exercise the orchestration layer of the customer's AI agents and custom automation.
These agents operate under tight controls: scoped, fully audit-logged, non-destructive by default, and with humans in the loop, so internal testing never puts production at risk.
Every finding is exploit-validated, with a chain of evidence that maps the actual attack path, prerequisites, and impacted assets. SpartanX:Defend then opens remediation pull requests in GitHub and integrates with Jira, Slack, and the customer's CI/CD pipeline.
"Attackers now operate at machine speed, powered by frontier AI models that are collapsing the window between vulnerability disclosure and working exploit. Most defenders still operate on a quarterly schedule. After two decades in offensive security, I have never seen a wider gap," said Diego Spahn, Co-Founder and CEO of SpartanX. "We built SpartanX to allow defenders to move at the speed, scale, and capability they need to fight sophisticated attackers. Today, SpartanX delivers the world's only full-stack autonomous AI platform to defend a CISO's external and internal attack surfaces. Defending web apps, APIs and source code, networks and infrastructure, cloud, IAM and identity, and AI systems and LLMs is the standard CISOs deserve in 2026."
Targeted Attack Validation: Turning Scanner Noise into Confirmed-Exploitable Priorities
Unlike exposure-management tools that score and correlate scanner output, TAV executes the actual attack against the customer's environment and returns the working exploit chain. The difference is proof, not prioritization. TAV connects directly to Tenable, Rapid7, Qualys, Wiz, Snyk, Checkmarx, and more than 150 additional security tools. For every ingested finding, SpartanX runs an autonomous attack validation against the customer's actual environment to produce evidence: the exploit chain, its prerequisites, impacted assets, and post-exploitation reach. The platform then maps the attack graph to surface composite chains across exploitable findings that no individual scanner can detect.
When the window between disclosure and exploitation collapses, every CVE you ingested last week may already be hot today. Continuous, exploit-validated testing is the only way to keep pace when the severity of a finding can change overnight.
Gartner's 2026-2027 Threat Landscape report (G00852689, published May 28, 2026) calls out the precise gap that TAV closes: "Another challenge is how to enable faster remediation with strong integration in the application security and exposure management workflows." The same report classifies trying to patch every vulnerability as "impossible" and identifies Continuous Threat Exposure Management, exposure validation, and continuous red teaming as the mature posture.
"This release is a milestone for the SpartanX engineering team," said Alejandro Aguirre Soto, Co-Founder and CTO of SpartanX. "The same architecture that runs our external swarm now executes inside the customer environment with no loss of fidelity."
Why This Matters Now
The 2026 threat landscape has moved past static scanning and quarterly red team engagements. Four independent industry signals define the new baseline, and SpartanX uniquely addresses each.
Signal 1: Exploitation is the #1 initial access vector. The Verizon 2026 Data Breach Investigations Report finds vulnerability exploitation became the leading initial access vector for the first time in the report's 19-year history, at 31% (up from 20%). The IBM X-Force 2026 Threat Intelligence Index, published February 25, 2026, reports a 44% year-over-year increase in exploitation of public-facing applications. VulnCheck's State of Exploitation 2026 (January 21, 2026) finds nearly 29% of known exploited vulnerabilities are weaponized on or before the day the CVE is published. SpartanX's Answer: Exploitability Proof on Every Finding. Every vulnerability the platform reports ships with its unique exploit chain, auditable evidence, and post-exploitation reach. With SpartanX, customers act on validated risk, not CVSS lists.
Signal 2: Static, point-in-time testing is insufficient. Gartner's "How to Respond to the 2026-2027 Threat Landscape" (G00852689, published May 28, 2026) names continuous threat exposure management as the mature posture and calls explicitly for "continuous penetration testing, exposure validation and red teaming." The report classifies trying to patch every vulnerability as "impossible." SpartanX's Answer: Continuous Testing and per-Customer Configurability. The 600+ agent swarm runs continuously, by schedule, on event, or on deploy across all six attack surfaces in parallel: web applications, APIs and source, networks and infrastructure, cloud, IAM and identity, and AI systems and large language models.
Signal 3: Prompt injection is a Critical-tier threat with no incumbent defense. The Gartner 2026-2027 ThreatScape places prompt injection in the Critical bucket. Its Key Actions call for "red team security testing to proactively identify vulnerabilities" and integration of prompt injection testing into the AI system development lifecycle. Google Threat Intelligence reported a 32% relative increase in indirect prompt injections from November 2025 to February 2026. SpartanX's Answer: Dedicated AI Red Teaming Swarm. Proprietary agents execute direct and indirect prompt injection, jailbreaks, alignment bypasses, agentic goal hijack, and tool-abuse chains across LLMs, agent harnesses, tools, integrations, and orchestration layers as separately addressable surfaces.
Signal 4: Remediation is the bottleneck. Gartner names the gap directly: "how to enable faster remediation with strong integration in the application security and exposure management workflows." SpartanX's Answer: SpartanX Prioritizes Only Validated, Exploit-Proven Findings and Automatically Opens Code-Level Pull Requests in the Customer's GitHub Repositories. Native integrations with Jira, Slack, and CI/CD route the fix to the engineer who owns the code, with the exploit evidence attached to the pull request, ready to review and merge.
Across all four signals, the SpartanX platform delivers a single, end-to-end answer. Externally and internally. Six attack surfaces. 600+ AI agents. Every finding exploit-validated. Continuous by default. Code-level remediation. One platform.
"The buyers we talk to are not asking for more findings," said Erik Hardy, President and COO of SpartanX. "They are asking for validated priorities they can actually act on. Internal Attack Capability and Targeted Attack Validation give them exactly that, with the evidence to convince their boards and the integrations to drive remediation through the systems their teams already use."