Ghost Security announces the release of Reaper, the first open-source Application Security Testing framework powered by Agentic AI. Reaper combines human expertise with AI driven decision-making, enhancing vulnerability identification and application security testing.
What Sets Reaper Apart: Agentic AI
Reaper distinguishes itself from traditional testing tools by autonomously selecting attack types based on real-time insight from domain discovery and application crawling. It specifically targets requests that align with the application’s unique structure, refining its approach based on prior attempts, resulting in an efficient, minimal-configuration testing workflow.
By avoiding brute-force tactics, Reaper minimizes resource consumption and reduces the risk of overwhelming the application with unnecessary traffic. Users get the results of a highly-tuned security scan with reduced complexity and operational risk.
Also Read: Rubrik Launches Data Security for Microsoft 365 Copilot
Reap these Benefits:
- Context-Aware Attack Selection: Reaper intelligently selects and prioritizes attacks with tuned parameters, minimizing unnecessary tests.
- Efficiency Gains: Reaper minimizes redundant requests, cutting down on compute costs and protecting live environments from performance issues that traditional testing tools can cause.
- Co-Op Mode: Enables real-time observation of AI-driven testing or allows teams to take control during shared sessions.
- Open-Source: As an open-source project, Reaper invites security experts, developers, and the global community to contribute and shape the future of intelligent security testing.
Built By Humans, for AI – A New Approach
Reaper’s foundational design is built from the ground up for seamless interaction with AI while maintaining human-in-the-loop control. Unlike competitors who simply layer AI onto existing tools, Ghost Security leverages AI’s unique capabilities from the ground up. Reaper represents a future where AI autonomously identifies and validates application and API vulnerabilities, enhancing accuracy and reducing reliance on human analysis.
“We believe full automation in application security is key to unlocking improved outcomes,” said Greg Martin, Co-Founder and CEO of Ghost Security. “As the cybersecurity landscape grows more complex, automation is essential for organizations to stay ahead, even with limited resources. Reaper is just the beginning of our Agentic AI-driven framework that will transform application security.”
Matt Johansen, Head of Software Security at Reddit, stated, “Agentic AI opens the door to remarkable capabilities that push the boundaries of both offensive and defensive application security. By building Reaper around this technology, Ghost Security positions itself as a game-changer with significant disruptive potential.”
Reaper + Ghost Platform: Elevating Application Security Outcomes
The Ghost Platform offers enterprise customers:
- Continuous Discovery and Monitoring: Automatically identifies applications, APIs, and third-party scripts for real-time visibility.
- Real-Time Security Insights: Continuously assesses risks and manages remediation campaigns, and enables security teams to drive internal remediation to resolution..
- Automated Workflow Integration: Seamlessly integrates with service management tools for efficient issue resolution.
Reaper provides customers with additional application risk context, extending issue identification to cover the OWASP Top Ten and beyond. Reaper will integrate seamlessly with the Ghost Platform, adding intelligent, autonomous testing to the platform’s continuous discovery, monitoring, and workflow capabilities.
Industry Perspectives
Sidra Ahmed Lefort, Investment Director at Munich Re Ventures, noted, “Ghost Security has set a new standard for API and application security. The platform’s real-time insights and automation are critical in today’s fast-paced environment.”
Melinda Marks, Practice Director at Enterprise Strategy Group (ESG), added, “The Ghost Platform addresses the complexities of protecting cloud-native environments, providing visibility, control, and automation at scale.”
The Future of Application Security
With Reaper’s launch, organizations can shift from reacting to threats to actively preventing them. “Reaper was born out of frustration with legacy tools that struggle to keep pace with the complexity and scale of modern web applications,” said Josh Larsen, Co-Founder and Chief Technology Officer of Ghost Security. “By combining human expertise with Agentic AI, Reaper revolutionizes security testing and enables fully autonomous application security.”
SOURCE: Businesswire

