Palo Alto Networks Says Frontier AI-Assisted Analysis Matched a Year of Manual Penetration Testing in Three Weeks

Palo Alto Networks warned that frontier AI capabilities have reached an inflection point where models can operate as autonomous agents capable of discovering and chaining software vulnerabilities at a scale most defenders are not prepared for. The cybersecurity firm said its testing of the latest frontier AI models revealed a step-change in capability that demonstrates an intuitive understanding of software vulnerabilities. In the company's testing, three weeks of model-assisted analysis matched a full year of manual penetration testing with broader coverage. The firm said the latest frontier models, including OpenAI's GPT-5.5-Cyber, Anthropic's Mythos and Claude Opus 4.7, and specialized variants emerging across major labs, represent roughly a 50% improvement in coding efficiency over their predecessors. Palo Alto Networks found four key developments that redefine the threat landscape. Frontier AI is exceptionally effective at identifying vulnerabilities across massive, complex codebases. The models can link multiple lower-severity issues into single, critical exploit paths, seeing full-stack logic in ways traditional scanners cannot. In AI-assisted scenarios, the time from initial access to exfiltration has collapsed to as little as 25 minutes. Rapid AI development and decentralized innovation are also creating a massive unsupervised attack surface, as local AI agents make every desktop effectively a server. The company introduced Frontier AI Defense, an initiative that unites its AI-native security platforms with Unit 42 consulting and threat expertise to deliver continuous protection, prioritized risk mitigation, and autonomous remediation. The program includes a Frontier AI Alliance of partners including Accenture, Armadin, Deloitte, IBM, NTT DATA, and PwC. Palo Alto Networks predicted that when Mythos first launched, attackers would gain access within six months, but now believes that timeline has accelerated significantly. The capabilities tested under early-access conditions are expected to become widely available over the next several months.