100% Hacked: Generative and Agentic AI Systems Aren't as Safe as You Think

Offensive and defensive AI services assist with security and compliance as organizations develop innovative AI/ML solutions

CHICAGO, July 29, 2025 /PRNewswire/ -- Coalfire, an industry-leading cybersecurity services and solutions company, has been successful in hacking 100% of generative and agentic AI applications tested to date. To combat the evolving risks major enterprises are facing, Coalfire has launched a full suite of offensive and defensive AI services to help companies incorporating AI into their business remain both secure and compliant. Through these services, the expert hackers and defenders of Coalfire's Cyber Security Services team empower organizations to innovate with proactive security at the forefront.

AI has quickly become an enabler for enterprises in every industry around the world; however the proliferation of AI and ML to help with productivity has left security teams scrambling to properly secure organizational resources and data. It has introduced new risks including compromise, data leakage, data privacy violations and the potential for data bias and inaccuracy, among other concerns.

As organizations develop innovative AI/ML solutions, they must identify and remediate novel security vulnerabilities before attackers exploit them. To aid these efforts, Coalfire's portfolio of services includes:

• AI readiness assessment: Based on the NIST AI Risk Management Framework (AI RMF) and the European Union's AI Act, this service identifies threats and vulnerabilities related to the development and usage of AI systems.
• Threat modeling and security evaluation: Provides a comprehensive risk analysis of ML models, adhering to established standards such as OWASP.
• Penetration testing: Expert hackers test generative AI applications, LLMs, and other machine learning elements to help security and business leaders understand the risk posed by threat actors intent on stealing intellectual property, sensitive information, or gaining unwanted access to systems. 
• AI attestation: Formal attestation of program certification, adhering to NIST AI RMF. 
• AI risk advisory: Coalfire helps clients design, implement, manage and operationalize AI Risk Management Programs in alignment with NIST AI RMF.

Coalfire's Cyber Security Services team helps enterprises stay ahead of modern threats with specialized threat modeling and penetration testing for AI/ML systems. Many firms perform periodic automated vulnerability assessments and penetration tests. However, for nascent AI systems, threat-focused, manual testing by expert humans is essential to uncover and replicate the novel attacks targeting agentic AI applications.

Coalfire's experienced testers bring a hacker's perspective to help clients identify real-world risks and remediation actions. This team simulates real-world attack scenarios and uses advanced testing methodologies to provide actionable insights to reduce risk, enhance security posture and safeguard critical assets. 

Nick Talken, Co-founder and CEO, Albert Invent, said: "If we're going to help the world invent faster, we need to defend faster. We engaged Coalfire's AI services to test our readiness for AI threats. Coalfire attempted to attack just as a threat actor would, using the same techniques, and their tests proved that we were prepared. It was important for us to test our response to this new type of threat, because now we know we're ready and can move forward confidently to build the future of chemistry with AI."

Charles Henderson, executive vice president of cyber security services, Coalfire, said: "The possibilities and risks of AI are immense. Companies can't afford to ignore AI's potential but also can't afford to rush into AI implementation without robust security. Coalfire has developed a comprehensive set of services to help organizations innovate while remaining secure and compliant."

About Coalfire:
Coalfire, headquartered in Chicago, Illinois, is a global services and solutions company that specializes in cyber advisory, assessment, and security. The company also develops cutting-edge technology platforms that automate defenses against security threats for the world's leading enterprises, cloud providers, and SaaS companies. Coalfire is the foremost provider of FedRAMP compliance assessments and penetration testing services in the United States. For more information, visit www.coalfire.com and follow on LinkedIn.

Media Contact

Corey Eldridge
Force4 Technology Communications
corey@Force4.co

View original content to download multimedia:https://www.prnewswire.com/news-releases/100-hacked-generative-and-agentic-ai-systems-arent-as-safe-as-you-think-302515414.html

SOURCE Coalfire