AWS re:Invent – Skyhawk Security, the leader in Purple Team-Powered Cloud Security, today launches agentic AI capabilities through its AI-based Red Team, enabling continuous security control validation. The update expands Skyhawk’s cloud-native, agentless breach and attack simulation (BAS). Instead of simply showing how attacks would unfold, it checks the entire security stack to determine whether a customer’s existing detection and enforcement controls would catch (or stop) imminent threats to crown-jewel assets.
Skyhawk’s Autonomous Purple Team has long provided validated attack scenarios across live cloud environments. With the introduction of agentic AI in the Red Team, Skyhawk now formally validates third-party security controls against those scenarios to deliver an environment-aware view of coverage across the entire security stack. The platform connects to compensating security controls customers already operate and determines, for each attack step, whether prevention technologies would block the activity and whether detection tools would generate the appropriate indications and alerts. Where coverage is incomplete, the system prescribes specific changes and (where permitted) drafts detection updates to accelerate remediation. This approach extends Skyhawk’s BAS beyond simulation to an evidence-based assessment of true attack feasibility in the customer’s production architecture.
“Cloud environments are dynamic and today’s security stack is often siloed. Customers consistently tell us that they want better visibility into what’s deployed and effective across their cloud estate,” said Chen Burshan, CEO of Skyhawk Security. “Guided by that feedback, we’re bringing everything into a single view. Legacy breach-and-attack simulation pen-testing requires building a sample environment and it doesn’t demonstrate what a customer’s live ecosystem will truly prevent or detect. Our AI-based Red Team runs non-disruptive to the true cloud environment. It doesn’t impact production or detections and there’s zero manual effort. Adding agentic AI to our platform within the AI-based Autonomous Purple Team lets us evaluate the entire security stack customers run, not just our own detections. This allows us to identify real gaps, amplify the value of red-team findings, and expand the practical impact for our customers.”
At launch, Skyhawk’s agentic approach spans both detection and enforcement categories, with plans to expand in the future. For detection, the system integrates with SIEMs such as Splunk, IBM QRadar, LogRhythm and Sumo Logic, alongside cloud and endpoint monitoring tools like Amazon CloudWatch and Microsoft Defender. For enforcement, Skyhawk’s evaluation extends to web application firewalls and endpoint security controls, including CrowdStrike. This yields an end-to-end assessment of “detect” and “defend” coverage aligned to current cloud architectures, rather than to static diagrams or content libraries.
Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!