.jpg)
Ridge Security has announced two major new capabilities for its RidgeBot 6.0 autonomous penetration testing platform: an AWS Security Audit module and enhanced Windows Authenticated Pentesting (WAP). These features are designed to provide deeper, context-aware security validation for critical infrastructure, simulating sophisticated post-compromise attacks in both cloud and on-premises Windows Active Directory environments.
RidgeBot 6.0 adds AWS Security Audit and enhanced Windows Authenticated Pentesting.
The AWS audit evaluates cloud configurations against best practices to find misconfigurations and exposed attack surfaces.
Windows Authenticated Pentesting uses admin credentials to simulate post-breach lateral movement.
It executes techniques like credential harvesting and privilege escalation within Active Directory.
Both features aim to identify risks before attackers can exploit them.
The platform combines LLM-based contextual intelligence with domain-specific security knowledge.
The AWS Security Audit feature conducts an automated, comprehensive review of an organization's Amazon Web Services environment. It assesses services and accounts against industry best practices across key areas like identity and access management (IAM), network security, logging, and storage configurations. The goal is to identify common but critical risks—such as misconfigured, publicly accessible S3 buckets—and provide prioritized findings with actionable remediation steps to strengthen the overall cloud security posture.
The enhanced Windows Authenticated Pentesting (WAP) capability addresses a key limitation of traditional external (black-box) testing by operating with valid local administrator credentials. This "gray-box" approach allows RidgeBot 6.0 to simulate an attacker's actions after initial access has been gained. It automatically executes advanced techniques—including credential harvesting, NTLM relay, pass-the-hash, and privilege escalation—to expose misconfigurations that enable lateral movement and full domain compromise, all without requiring security agents to be disabled.
Ridge Security emphasizes that these features combine large language model (LLM) intelligence with deep domain expertise to understand the unique context of each environment. “These new RidgeBot 6.0 features help customers enhance security validation in critical IT infrastructure,” said Lydia Zhang, President and co-Founder of Ridge Security. “By combining LLM-based contextual intelligence with proven domain-specific knowledge, RidgeBot enables more complex exploit testing and uncovers vulnerabilities unique to each environment.”
These enhancements position RidgeBot as a tool for continuous threat exposure management (CTEM), moving beyond simple vulnerability scanning to actively validate how an attacker could chain weaknesses together to breach critical assets. By testing both cloud misconfigurations and internal network pathways, organizations can gain a more realistic assessment of their defensive readiness and prioritize remediation efforts that directly impact their risk of a major breach.
About Ridge Security
Ridge Security delivers intelligent, autonomous cybersecurity validation solutions that help organizations proactively manage risk and improve resilience. Its flagship platform, RidgeBot®, is a leading agentic AI-based adversarial risk validation platform that supports continuous threat exposure management programs. RidgeBot combines ethical hacking techniques with AI-powered automation to continuously identify, exploit, and validate vulnerabilities across IT, OT, and cloud infrastructures. Recognized by Gartner in the Market Guide for Adversarial Exposure Validation and honored with awards such as Top Emerging Cyber Security Company for 2025 and CRN’s Tech Elite 250 of 2025, Ridge Security serves customers across North and South America, Europe, and Asia through a network of 400+ partners in sectors including finance, government, telecom, and enterprise.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.