Ridge Security Announces Powerful New AWS, Windows Pentesting Features for RidgeBot 6.0

MILPITAS, Calif.--(BUSINESS WIRE)--Ridge Security, leader in AI-powered offensive security for Continuous Threat Exposure Management (CTEM), today announced two new features for RidgeBot 6.0 that enhance context-aware offensive security validation across IT, OT, and AI infrastructure – AWS Security Audit and Windows Authenticated Pentest enhancements.

RidgeBot 6.0 simulates post-compromise attacks to expose cloud and Active Directory risk – before attackers do.

Share

“These new RidgeBot 6.0 features help customers enhance security validation in critical IT infrastructure,” said Lydia Zhang, President and co-Founder, Ridge Security. “By combining LLM-based contextual intelligence with proven domain-specific knowledge, RidgeBot enables more complex exploit testing and uncovers vulnerabilities unique to each environment.”

Experts continually note that misconfigured S3 buckets – such as those with public access, weak IAM policies, or poor access controls – can expose massive amounts of sensitive data.

RidgeBot’s AWS Security Audit provides a comprehensive review of an organization’s AWS environment, automatically evaluating services and accounts against industry best practices. The audit assesses identity and access management, network security, logging and monitoring, and storage and compute configurations to identify misconfigurations, publicly exposed attack surfaces, and insufficient monitoring, delivering prioritized findings with actionable remediation recommendations to reduce risk and improve overall cloud security posture, including preventing incidents such as S3 exposure.

Windows Active Directory (AD) security is critical in Windows-based IT environments across all industries, but black-box testing alone fails to uncover security weaknesses within an AD domain. RidgeBot 6.0 introduces enhanced Windows Authenticated Pentesting (WAP) to address this gap through gray-box testing that simulates real-world post-compromise behavior.

With WAP, RidgeBot 6.0 operates with local administrator credentials to assess how deeply an attacker could penetrate an AD environment after initial access. It automatically executes techniques such as credential harvesting, NTLM relay, pass-the-hash, and privilege escalation to expose misconfigurations that enable lateral movement and domain compromise – without requiring that endpoint protection be disabled – delivering a clear, actionable assessment of AD security posture.

More technical details on both new features are available on Ridge Security’s website.

About Ridge Security

Ridge Security delivers intelligent, autonomous cybersecurity validation solutions that help organizations proactively manage risk and improve resilience. Its flagship platform, RidgeBot^®, is a leading agentic AI-based adversarial risk validation platform that supports continuous threat exposure management programs. RidgeBot combines ethical hacking techniques with AI-powered automation to continuously identify, exploit, and validate vulnerabilities across IT, OT, and cloud infrastructures. Recognized by Gartner in the Market Guide for Adversarial Exposure Validation and honored with awards such as Top Emerging Cyber Security Company for 2025 and CRN’s Tech Elite 250 of 2025, Ridge Security serves customers across North and South America, Europe, and Asia through a network of 400+ partners in sectors including finance, government, telecom, and enterprise.