Cloud detection and response company Skyhawk Security (CNP) Ltd. today launched new agentic artificial intelligence capabilities through its AI-based Red Team that enable continuous security control validation.

Announced ahead of the AWS re:Invent 2025 conference in Las Vegas, the update moves beyond traditional breach-and-attack simulation by actively verifying whether a customer’s existing detection and enforcement tools can actually stop or detect real attack paths in live production environments.

With the introduction of agentic AI in the Red Team, Skyhawk now formally validates third-party security controls against attack scenarios across live cloud environments to deliver an environment-aware view of coverage across the entire security stack.

The platform connects to security controls customers already operate and determines, for each attack step, whether prevention technologies would block the activity and whether detection tools would generate the appropriate indications and alerts. When coverage is found to be incomplete, the system prescribes specific changes and drafts detection updates to accelerate remediation.

Skyhawk says the approach extends its breach and attack simulation beyond simulation alone to an evidence-based assessment of true attack feasibility in the customer’s production architecture.

At launch, Skyhawk’s agentic approach spans both detection and enforcement categories, with plans to expand in the future.

For detection, the system integrates with security information and event management tools such as those from Splunk Inc., IBM Corp., LogRhythm Inc. and Sumo Logic Inc., alongside cloud and endpoint monitoring tools such as Amazon CloudWatch and Microsoft Defender. For enforcement, Skyhawk’s evaluation extends to web application firewalls and endpoint security controls, including those from CrowdStrike Holdings Inc.

Through tapping into various tools, the result is an end-to-end assessment of detect and defend coverage aligned to current cloud architectures, rather than to static diagrams or content libraries.

“Cloud environments are dynamic and today’s security stack is often siloed,” said Chief Executive Chen Burshan. “Customers consistently tell us that they want better visibility into what’s deployed and effective across their cloud estate. Guided by that feedback, we’re bringing everything into a single view. Legacy breach and attack simulation pen-testing requires building a sample environment and it doesn’t demonstrate what a customer’s live ecosystem will truly prevent or detect. Our AI-based Red Team runs nondisruptive to the true cloud environment.”

Skyhawk will be demonstrating its agentic AI functionality live on the show floor at AWS re:Invent.

Image: Skyhawk Security