FeaturesAgentOS WorkUpdated March 12, 2026
Penetration Testing Integration
Penetration Testing Integration
Available from: v1.0.73
The Penetration Testing Integration provides an automated security testing framework built directly into the platform. It combines continuous vulnerability scanning with structured penetration testing routines, detailed reporting, and end-to-end remediation tracking — all without requiring external tooling or manual scheduling.
Overview
Traditional security assessments are point-in-time exercises. This integration makes security assessment continuous and systematic by automating the full cycle: scan → detect → report → remediate.
Key Capabilities
Automated Vulnerability Scanning
- Scans platform components on a scheduled basis for known vulnerabilities.
- Classifies findings by severity: Critical, High, Medium, and Low.
- Surfaces results in a consolidated findings dashboard.
Penetration Testing
- Runs structured, automated pen-test routines that probe for common attack vectors and configuration weaknesses.
- Tests are repeatable and consistent, providing a reliable baseline for tracking security posture over time.
- No manual trigger required between scheduled cycles.
Continuous Security Assessment
- Assessments run automatically on a configured schedule.
- Ensures coverage stays current as the platform evolves, without gaps between manual engagement windows.
Detailed Reporting
Each completed assessment generates a structured report containing:
| Field | Description |
|---|---|
| Finding ID | Unique identifier for the vulnerability |
| Severity | Critical / High / Medium / Low |
| Affected Component | The service, module, or endpoint impacted |
| Description | Technical summary of the vulnerability |
| Evidence | Supporting data captured during the scan or test |
| Detection Date | Timestamp of when the finding was first observed |
Reports can be exported for compliance and audit purposes.
Remediation Tracking
- Findings are logged as trackable items with status lifecycle: Open → In Progress → Resolved → Closed.
- Assign findings to team members responsible for remediation.
- All status changes are recorded, maintaining a full auditable history.
- Closed findings are retained in the historical record for compliance review.
Workflow
1. Automated scan / pen-test routine executes on schedule
↓
2. Vulnerabilities detected and classified by severity
↓
3. Findings report generated and surfaced in dashboard
↓
4. Findings assigned to responsible team members
↓
5. Remediation work completed; status updated
↓
6. Finding closed and recorded in audit history
Use Cases
- Compliance preparation — Maintain continuous evidence of security assessments for SOC 2, ISO 27001, and similar frameworks.
- Proactive risk reduction — Catch and remediate vulnerabilities before they are discovered by external actors.
- Team accountability — Track who is responsible for each finding and when it was resolved.
- Trend analysis — Compare assessment results over time to measure improvement in security posture.
Notes
- This feature is part of the core platform as of v1.0.73 and requires no additional installation.
- Scheduling configuration and scope settings are managed by administrators.
- Historical findings and reports are retained according to your organisation's data retention policy.