For decades,
penetration testing relied on security researchers and engineers simulating attacks to uncover vulnerabilities before adversaries could exploit them. That model worked when software moved slowly. It breaks in a world where code ships continuously, infrastructure is increasingly complex, and attack surfaces expand faster than security teams can test them.
At the same time, attackers have gained a powerful new tool. AI enables autonomous agents to probe systems continuously, reason through complex exploit paths, and launch persistent attacks at a scale no human team can match. Meanwhile, experienced pentesters remain scarce and expensive, leaving large portions of modern applications insufficiently tested. The result is a widening gap between how fast software is built and how effectively it can be secured.
XBOW was built to close that gap. Founded by Oege de Moor, XBOW is a fully autonomous AI penetration testing platform that continuously identifies and exploits vulnerabilities before attackers can. XBOW deploys specialized AI agents that continuously and systematically scan applications, uncover complex exploit chains, document vulnerabilities in detail, and suggest fixes for developers.
In 2025, XBOW became the #1 ranked autonomous penetration tester on HackerOne’s global leaderboard, outperforming the world’s best human hackers and making waves in the global security community. In fact, HackerOne later separated human and machine rankings, revealing the profound shift XBOW spurred. In less than two years since founding, the company has become a category leader, protecting some of the world’s largest enterprises and quickly becoming a mission-critical part of their security stack.
XBOW is led by a founder uniquely suited to lead this category. Oege de Moor has spent his career at the intersection of code generation and security - first as an Oxford professor, then as the founder of Semmle, later acquired by GitHub, where he led the Innovation Lab and helped build AI-powered developer tools including GitHub Copilot. Oege combines deep technical insight with exceptional clarity of vision and has assembled an all-star team of researchers, engineers, and operators around that mission.
As our Partner, Sanjot Malhi puts it,
“XBOW is fast becoming a true category defining company in autonomous offensive cybersecurity. Fortune 500 companies and global enterprises already rely on the platform as a mission-critical layer in their cyber stack, trusting it to protect their most vital applications. In a remarkably short time, Oege and the team have built one of the most capable AI security platforms in the world, and we’re excited to partner with them on the journey ahead.”
As software development accelerates and AI-powered attacks become the norm, penetration testing must evolve from periodic assessments to continuous, autonomous defense. XBOW is building the platform that makes this possible, and we’re excited to partner with Oege and the XBOW team on their mission to lead autonomous offensive security for global enterprises, co-leading the $120M Series C alongside DFJ Growth, with participation from Alkeon, Sofina, Altimeter, and Sequoia Capital.
