CTalk
“Everything around offensive security was pretty much manual until now”
Terra Security CEO Shahar Peled on why offensive cyber defense must run continuously in the age of AI.
Shahar Peled
(Tomeriko - Live Focus)
Terra Security is building what its CEO, Shahar Peled, describes as an “agentic offensive security platform” that uses hundreds of AI agents to continuously simulate cyberattacks on live enterprise systems.
Speaking at the Mind the Tech New York 2026 conference hosted by Calcalist and Bank Leumi, Peled said the approach is designed to replace periodic penetration testing with continuous, automated security validation.
“We train a swarm of hundreds of AI agents to mimic ethical hackers,” Peled said. “They continuously test and validate vulnerabilities in live environments… and prove their exploitability and business impact.”
The system is intended to replicate the work of penetration testers and red teams, but at scale and in real time across web applications, networks, AI systems and other enterprise environments.
Peled argued that traditional offensive security models are increasingly outdated. “Everything around offensive security was pretty much manual until now,” he said. “You could only run it on a scheduled basis once a year, once a quarter.”
He added that this model no longer reflects current threat conditions. “Since AI was widely adopted… this ability to run offensive security capabilities on an annual basis just doesn’t make sense anymore. You have to be able to run it all the time as your attack surface changes all the time.”
The shift toward autonomous testing systems raises questions about trust and control, particularly in production environments. Peled said enterprise customers are cautious about fully autonomous security tools.
“I haven’t met a security leader that is OK with a fully autonomous swarm of offensive agents running on their production environments,” he said.
To address this, Terra incorporates what it describes as guardrails that can halt actions and require human approval in higher-risk scenarios. The system can also be configured to operate with varying levels of autonomy, including environments controlled by the customer’s own teams.
“Some of the actions we do are too intrusive,” Peled said. “We have guardrails that stop the agents and require human approval to proceed.”
He said the company’s customers are typically chief information security officers rather than chief executives, and are focused on balancing continuous visibility with operational risk.
The company positions its approach as a response to the limitations of manual security processes, which Peled said remain dominant in the industry despite being time-intensive and often incomplete.
He described offensive security as a compliance-driven function in most organizations, but said the manual nature of testing means “90% of the process is manual and a lot of it just shouldn’t be.”
Peled also addressed the role of human oversight in AI-driven security systems. While Terra automates continuous testing, he said humans will remain involved in certain high-risk actions.
“In edge cases, organizations will still require a human to be involved for accountability, compliance, and ease of mind,” he said.
The interview concluded with Peled discussing his recent relocation to New York, which he said was driven by the company’s customer and investor base.
“Our customers are here, our partners are here, our investors are here,” he said. “It was the right thing for the business.”
You can watch the full interview in the video above.
