The tool functions by analyzing a client's specific tech stack and past security findings to form hypotheses about potential weaknesses. Unlike traditional automated scanners, Apex attempts to chain minor vulnerabilities into actionable attack paths, documenting each step in an "Attack Narrative." This process allows security teams to focus on proven exploits rather than theoretical risks.
To maintain reliability, Sprocket mandates a human-in-the-loop workflow. Expert testers review and validate every finding generated by the agent before it reaches a customer's dashboard. Founder and CEO Casey Cammilleri noted that the system leverages years of proprietary testing data while operating within a SOC 2-compliant environment that strictly prohibits using client data for model training. The company plans to expand this fleet of agents throughout 2026 to cover additional aspects of the enterprise attack surface.
