New research introduces Coverage-Driven Sustained Testing (CDST), a graph-oriented model for autonomous AI agents in cybersecurity. Unlike traditional task-based workflows, CDST dynamically expands exploration based on state-space coverage gaps, enabling sustained vulnerability discovery in pentesting and reverse engineering.

In brief - CDST shifts agentic workflows from static task execution to continuous, coverage-driven exploration. By leveraging state graphs, it unlocks new investigative paths (e.g., SSRF findings branching into further attacks) and scales assessments via dynamic backlog generation. A paradigm shift for autonomous threat hunting.

Technically - CDST replaces binary pass/fail metrics with a multi-dimensional coverage matrix, tracking vulnerability classes, auth states, and input paths. Agents operate in consultation or inversion modes, with the latter preferred for orchestration. Neo4j manages state graphs, while OODA/Gibbs cycles govern decision-making. Memory limitations are mitigated by offloading long-term state to the graph, enabling scalable, open-ended assessments.

Source: https://trustedsec.com/blog/coverage-driven-sustained-testing-cdst-agentic-workflows

#Cybersecurity #ThreatIntel