Working at an ethical hacking company means that teams meetings, lunches, and social outings are filled with conversations on the latest tech, current tools and techniques for exploitations, and the big thing on everyone’s mind…AI. Jokes are exchanged about AI taking all of our jobs, but it leaves us to wonder…could AI entirely replace the human hacker? Is this a real, current problem that could actively impact current ethical hackers, those investing in higher education in cybersecurity, or those considering a career switch? Are humans truly at risk of being “obsolete” within a few years? This blog discusses our take on the boxing match between AI and the human hackers, and who we think comes out on top. Hint, it may not be who you think.
AI
AI isn’t new, but it is rapidly evolving in recent years and is a daily topic of conversation in the news, at conferences of all industries, and even at the family dinner table. If you’re someone in the cybersecurity industry, I imagine life is at a point for you where a day does not go by where a friend or family member is not quizzing you on potential AI scams that they received via text or email, or the countless celebrity scams, fake business, and sketchy posts flooding their social media feeds. With its ease of use and wide accessibility, people are now using AI to generate selfies of them with dead celebrities (stop generating photos of you and Elvis, grandma!), write emails to that coworker they’re struggling to communicate with, and to even discover vulnerabilities in code during assessment work for clients. As we have entered the era of Agentic AI, it has become incredibly obvious that an AI-powered pipeline is only as secure as the humans that are writing it. That concept is also incredibly concerning, given how often these tools are misused.
An agentic tool can analyze endpoints, hypothesize bypasses, generate exploit payloads, evaluate HTTP responses, and modify its syntax until successful exploitation. While this may be helpful in a variety of areas, it also introduces a high volume of risk, including the ability to communicate externally, as well as give access to private data. This is particularly concerning, especially in instances where individuals are putting client data into unknowingly vulnerable AI tools, leaving clients even more susceptible to attacks than they were when they came to your team for an assessment in the first place. In a recent article by Infostealers, research found that tools such as ClawdBot stores sensitive information in plaintext Markdown and JSON files, opening the door for social engineering attacks.
A prime example of this is the March 2026 compromise of Trivy. Trivy is a commonly used scanner that was involved in a multi-faceted supply chain attack. The security tool was turned into a weapon for credential-stealing after attackers pushed malicious code to existing GitHub Action tags. Organizations that were trusting “automated updates” unknowingly pulled malware into their ecosystems. Now, we’re not saying to not use automatic updates on software or other tools. Rather, we’re pointing out that automation can be a double-edged sword. Blindly relying on a tool or AI to secure your company means you are only as safe as the integrity of that tool’s supply chain. As we saw above with ClawdBot, these tools often lack the basic security hygiene that a human expert provides.
In yet another instance of vulnerable AI tools, a recent article by Codewall shared the process of hacking an in-house AI tool built by a major firm. The vulnerability in question? A simple SQL injection, one of the oldest vulnerabilities, and something we even teach early on in our hosted trainings. The SQL injection was the straw that broke the camels’ back, so to speak. It led to the uncovering of millions of documents, files, and more.
When analyzing the usefulness of AI tools, it is important to also note that AI is probabilistic, not deterministic. AI is actually prone to something similar to the concept of hallucinations, where the tool will confidently report to the user reports of vulnerabilities that don’t exist, or misses critical flaws, simply because it wasn’t in that tools’ training data. Therefore, human experts are a required verification layer, ensuring that the final security reports given to clients are not based on hallucinated exploits or untrustworthy sources.
Putting aside for a moment the fact that the AI tool could be vulnerable, AI may help with the tedious “grunt” work, clearing the path for deeper investigation. However, it struggles with the contextual nuances of findings, especially when it comes to complex attacks. Cue the stage lights for the entrance of the human hacker from stage right.
The Humans
While AI is able to find bugs, it’s arguably the humans that find the flaws. The difference between this is the difference between a secure organization and a devastating breach. The Verizon Data Breach Investigations Report (DBIR) found that humans detect between 85-90% of complex, multistage attacks. AI-driven tools currently sit at a 40-50% detection rate, as of May, 2026. Additionally, while AI can detect an isolated issue, it’s not capable of exploit chaining. A human can chain multiple isolated issues together, causing an entire server to become compromised. Modern threats have moved past the days of simple code flaws and have entered the world of multi-step logic abuse. AI and automated scanners lack the context to detect this. AI has blind spots, and only humans can navigate them. Where AI works within its given parameters, humans lean on their natural curiosity, questioning the intent of those parameters, breaking rules, and challenging the norm.
In late 2025 through early 2026, the cybersecurity industry witnessed the quick rise and fall of automated bug hunters. These tools were marketed as top-tier hunters. In working with IoT Village, who has hosted some of the best bug bounty contests DEF CON has offered, we were confident that was not the case. It became apparently obvious to the industry that these models were operating on the classic “spray and pray” method, making them to be nothing more than a glorified scanner. These tools lacked the ability to chain low-severity vulns into high-impact attack paths, showing how important human guidance is with these tools. Without the human element, they were unsuccessful.
The Real Winner
If you are looking at quantity of vulnerabilities, then certainly, AI wins out. However, if you are defining value in not the number of vulnerabilities discovered, but rather in the nuance, adaptability, curiosity, and research, humans remain the clear standard of testing excellence. However, I’d like to argue for a third category, where both AI and humans come out on top, together.
In 2026, the strongest organizations are not replacing their ethical hacking teams with AI. Instead, they are empowering them with it, creating a cadence for Agentic AI pen testing to exist. It’s important to keep in mind that as we all continue to use AI, we are basically training it in the process. Every interaction adds to its growing base of knowledge, so it is important to be mindful about what goes into these tools. While parameters unique to your organization should be created in order to appropriately protect proprietary data, here’s a few ways that AI could be used to assist your analyst’s day-to day.
- Sources of inspiration: some tests can be long and daunting. Use AI to brainstorm unique edge cases.
- Security checklist generation: everyone knows the OWASP Top 10, but there’s other vulnerabilities that exist. AI could help with sanity checks and helping your teams think outside of the box for different vulnerabilities to look for.
- Tedious work: everyone has aspects of their job that they wish they could wave a magic wand to automate or reduce the amount of time it takes to complete. Lean on AI to assist in those ways. Doing so will maximize the time your teams can spend on the fun aspects of hacking.
At the end of the day, the biggest takeaway is to not blindly rely or accept AI tools without doing research on the tool, setting parameters within your organization to protect proprietary information, and always fact-checking their results. AI is known for pulling information from random internet forums, opinion-based blogs, and other untrustworthy sources. 2026 security compliance frameworks, such as the EU AI Act, are increasingly requiring human validation of AI-generated reports. Incorporate the human-in-the-loop (HITL) practice into any instances where AI is used for security testing within your organization. Stay up to date on best practices, and lean on your friends and colleagues for additional insights on what’s trending.
If you’re looking for a third-party test from an organization who incorporates the crucial human element into all aspects of our business, talk to one of ethical hacking experts today. We will be able to guide you through all the steps to building better, more secure systems.
