Agentic AIAI-powered software

Synack Aligns AI-Powered Security Testing Platform with New White House Cybersecurity Directive

3 mins
Federal AI Security Push Signals New Expectations for Continuous Validation and Threat Readiness

As artificial intelligence becomes increasingly embedded across government operations and critical infrastructure, federal cybersecurity strategies are evolving to address a new generation of risks. The White House’s recently announced Executive Order, Promoting Advanced Artificial Intelligence Innovation and Security, reflects a growing focus on securing AI systems while simultaneously leveraging AI to strengthen cyber defense capabilities.

Against this backdrop, cybersecurity provider Synack has positioned its AI-enabled penetration testing platform as aligned with the objectives outlined in the new directive. The company, which supports the majority of U.S. cabinet-level federal departments, announced that its FedRAMP Moderate Authorized Penetration Testing as a Service (PTaaS) platform and Sara AI Pentesting solution are designed to address many of the challenges federal agencies now face as implementation timelines begin.

The announcement highlights a broader shift taking place across public sector cybersecurity programs. As agencies accelerate AI adoption, traditional approaches to vulnerability management, periodic assessments, and compliance testing are increasingly being supplemented by continuous security validation models that combine automation, AI, and human expertise.

Moving Beyond Periodic Security Testing

One of the central themes of the Executive Order is the need for government organizations to improve their ability to identify, assess, and respond to cyber threats at greater speed and scale.

The order directs federal agencies and cybersecurity organizations, including the Cybersecurity and Infrastructure Security Agency (CISA), to expand access to AI-enabled defensive security capabilities. The objective is clear: security programs must evolve at the same pace as increasingly sophisticated threat actors who are also leveraging AI-driven techniques.

Synack argues that traditional security testing approaches are no longer sufficient in this environment.

The company’s Sara AI Pentesting solution automates reconnaissance activities, attack surface discovery, and initial exploit validation while leveraging the Synack Red Team (SRT), a global community of vetted ethical hackers, to verify findings and determine real-world exploitability.

According to Jay Kaplan, CEO and Co-founder of Synack, the future of cybersecurity depends on combining machine-scale automation with human judgment.

“This Executive Order sends a clear signal: periodic testing and automated scanning alone are no longer enough to keep pace with AI-era threats,” said Kaplan. “Federal security teams need continuous validation, AI-enabled scale, and human expertise to determine what is actually exploitable.”

The approach reflects a growing industry consensus that AI can dramatically increase testing coverage and efficiency, but human expertise remains critical when evaluating business impact, prioritizing vulnerabilities, and validating attack paths.

Critical Infrastructure Remains a Priority

The Executive Order also places significant emphasis on strengthening cybersecurity protections across critical infrastructure sectors.

Healthcare organizations, financial institutions, utilities, transportation networks, and public services continue to face increasing cyber risks while often operating under resource constraints and complex regulatory requirements.

As part of the federal initiative, CISA is expected to facilitate broader access to cybersecurity services for critical infrastructure operators, including smaller organizations that may lack extensive in-house security capabilities.

For technology providers serving these sectors, the directive creates additional momentum around continuous monitoring, vulnerability discovery, and proactive risk management.

Synack points to its work securing high-profile public sector and critical infrastructure environments, including defense-related systems and election technology platforms, as evidence of the growing demand for continuous validation models rather than point-in-time assessments.

AI Security and Compliance Converge

Another notable aspect of the Executive Order is the creation of mechanisms designed to improve vulnerability discovery, remediation coordination, and AI security governance across federal environments.

The administration has proposed establishing an AI cybersecurity clearinghouse that would support vulnerability scanning, validation, prioritization, and remediation efforts across agencies and critical infrastructure operators.

This reflects a broader trend toward integrating cybersecurity more directly into AI governance initiatives.

For enterprise technology leaders, the development is significant. AI adoption is no longer solely an innovation discussion; it is increasingly becoming a compliance, risk management, and operational resilience issue.

Organizations deploying AI systems must now consider not only model performance and business outcomes, but also how vulnerabilities are identified, managed, and remediated throughout the lifecycle of those systems.

The Rise of Human-AI Security Operations

The Synack announcement also underscores a larger shift occurring across cybersecurity operations.

Rather than viewing AI as a replacement for security professionals, many organizations are adopting hybrid models where AI accelerates repetitive and data-intensive activities while human experts focus on validation, strategic analysis, and decision-making.

This mirrors trends already visible across ERP, enterprise software, and business operations more broadly, where AI increasingly acts as a force multiplier rather than a replacement for experienced professionals.

In cybersecurity, that balance may become particularly important as organizations attempt to defend increasingly complex digital environments while managing talent shortages and expanding attack surfaces.

Why It Matters

The White House Executive Order represents another step in the federal government’s effort to establish AI as both a strategic capability and a security priority.

For technology providers, the directive raises expectations around continuous validation, AI-enabled defense, and proactive vulnerability management. For federal agencies and critical infrastructure operators, it signals growing pressure to modernize security programs capable of operating at machine speed while maintaining human oversight.

As AI adoption accelerates across both public and private sectors, the organizations best positioned to manage risk may be those that successfully combine automation, intelligence, and human expertise into a unified security model.

Synack’s announcement illustrates how cybersecurity vendors are adapting to that realityā€”one where AI is not only something that must be secured, but increasingly part of the security solution itself.

ERP News Editorial Team
+ posts

The ERPNews Editorial Team covers global developments in ERP (Enterprise Resource Planning), enterprise software, cloud platforms, AI, automation, and digital transformation, providing independent news and editorial analysis for senior business and technology leaders. Our reporting focuses on market signals, strategic shifts, and enterprise impact across the ERP and enterprise technology ecosystem.

For editorial inquiries, please contact:
šŸ“© [email protected]

Ā 

Tags:
Cats:
Agentic AIAI-powered softwareArticlesArtificial IntelligenceAutomationBig DataBusiness IntelligenceCyber SecurityDigital TransformationEditor's PickERPFeaturedNewsProfessional ServicesPublic sectorSynack
Shares: