Sweet Security Launches AI Red-Team Agent
The Israeli cybersecurity company says the platform maps and validates real attack paths using production data, amid rising focus on AI-driven offensive security benchmarks
Photo credit: Ben Itzhaki
Sweet Security, an Israeli company developing a security platform for dynamic cloud and AI environments, has launched Sweet Attack, an AI red-team agent designed to identify and validate exploitable attack paths in cloud and application environments using production runtime data.
The launch comes amid growing attention around Anthropic’s Mythos benchmark, which has increased pressure on enterprises to quantify exposure to AI-accelerated offensive capabilities. Security teams are increasingly being asked to express risk in comparable, measurable terms.
Sweet Security says existing red-teaming approaches have limitations. External testing tools such as DAST lack internal system context, while human-led exercises are periodic. AI-based tools, the company argues, often operate without access to production-level telemetry.
Sweet Attack uses runtime data collected from customer environments, including application behavior, API activity, identity relationships, and system topology. It maps these signals into multi-step, potentially exploitable attack paths. The platform supports continuous attack chain enumeration, API and identity-level visibility, and audit-ready reporting.
Only validated attack chains are reported, along with evidence of execution conditions and remediation guidance. The company says the system is designed to run continuously in production environments and to prioritize confirmed exploitability over theoretical vulnerabilities.
Early customers cited in the announcement include Cast & Crew Entertainment Services and Auctane. Both said the platform surfaced previously unidentified attack paths and improved remediation prioritization.
“For two years the industry has been bracing for an attacker class moving at AI speed — with nation-state tooling and live knowledge of every exploitable seam. Mythos forced everyone to put a number on the gap,” said Dror Kashti, CEO and co-founder of Sweet Security.
He added: “We don’t model the threat — we safely execute it against the customer’s actual production environment and report back what worked. The myth is that defenders can’t keep up with attack speed. Sweet Attack debunks it.”
Sweet Security was founded by Dror Kashti, Eyal Fisher, and Orel Ben Ishay, and is backed by Evolution Equity Partners, Munich Re Ventures, Glilot Capital Partners, CyberArk Ventures, and others.