Zoonop

XBOW Platform Unlocks Over 100% Performance Boost in GPT-5 Hacking Capabilities

Image for XBOW Platform Unlocks Over 100% Performance Boost in GPT-5 Hacking Capabilities

Cybersecurity firm XBOW has announced a significant breakthrough in AI-driven offensive security, revealing that OpenAI's GPT-5 model exhibits dramatically enhanced hacking capabilities when integrated into its autonomous penetration testing platform. This finding contradicts OpenAI's initial conservative assessment of GPT-5's cyber prowess. According to XBOW, the integration has led to the platform's performance more than doubling in vulnerability discovery and exploit crafting.

XBOW, a Seattle-based company specializing in AI-powered continuous offensive security, recently secured $75 million in Series B funding to scale its platform. The firm has gained recognition for its autonomous penetration testing system, which notably became the first AI to top HackerOne's global leaderboard for vulnerability discovery. XBOW's approach aims to provide human-level security testing at machine speed, deploying specialized AI agents.

OpenAI's initial assessment of GPT-5 suggested "modest cyber capabilities" and that it "does not meet the threshold for high cyber risk." However, XBOW stated in a recent tweet, > "But when integrated into the XBOW platform, we saw a completely different story: performance more than doubled." Internal testing at XBOW revealed that a GPT-5 integrated agent successfully identified 70% of vulnerabilities in a single run, compared to 23% with previous models. Furthermore, the new integration reduced the median iterations for exploit crafting from 24 to 17, indicating greater efficiency.

This stark contrast in performance highlights that an AI model's effectiveness in cybersecurity is heavily influenced by its integration into a sophisticated agentic framework. XBOW's platform provides specialized tools and a coordinated team of AI agents, directing discovery and prioritizing tasks. This "scaffolding" approach allows GPT-5 to leverage its advanced reasoning and command sequencing abilities more effectively, which were not apparent in isolated tests.

The findings underscore an accelerating trend in AI-driven offensive security, where advanced models combined with robust agentic systems deliver significant performance increases. This development poses new challenges for cybersecurity defenders, who must now contend with increasingly sophisticated, AI-powered threats. XBOW CEO Oege de Moor previously noted that "we are now in the era of machines hacking machines," emphasizing the need for equally capable defensive AI systems to maintain a balance of power.