How attackers think
(and why it’s still the best way to test AI products)
November 19, 2025
10:30 AM EDT / 7:30 AM PDT / 3:30 PM GMT
Highlights from the session
Setting the context for modern pentesting
Razvan opens the webinar by outlining how AI is reshaping development workflows, and why the fundamentals of attacker thinking still define effective security testing.
A global audience
Security practitioners from all over the globe joined live, proving how universal the challenges of testing AI-driven apps have become.
Breaking down how AI fits into today’s threat landscape
Razvan walks through how AI apps still rely on the same foundational stack, and why classic risks like privilege issues, insecure integrations, and weak assumptions haven’t gone away.
Where tools fall short and humans step in
Using examples like DEF CON’s AI-vs-human challenge, Razvan explains why creativity, reasoning, and adversarial thinking remain irreplaceable in modern pentests.
What teams really think about AI and security
Attendees agreed on two points: teams use AI heavily, and no one feels fully confident that AI-generated code is secure. A clear signal that attacker-led validation is still essential.
About the webinar
AI helps your team ship fast. But are you testing just as fast - or just as reliably?
If your team is building with LLMs, automated workflows, or AI-generated code, you’re likely introducing new risks without knowing it.
Join us to understand:
Why logic flaws and privilege issues still go undetected in AI-heavy stacks
What AI can’t simulate (yet): attacker creativity and contextual reasoning
The kind of proof you need to convince developers and pass audits
Speakers
At Pentest-Tools.com, Razvan leads high-impact pentesting engagements across industries, turning technical findings into clear, actionable guidance that developers and security teams can use immediately.
From bypassing access controls to chaining business logic flaws across AI workflows, his methodical approach helps customers ship and maintain secure software at speed.
Razvan Ionescu
Head of Professional Services
Razvan Ionescu is Head of Offensive Security Services at Pentest-Tools.com and a seasoned penetration tester with over a decade of experience in ethical hacking. He specializes in uncovering deep, business-impacting vulnerabilities in complex web apps, APIs, and AI-powered systems.
Razvan is also GSE-certified (#298) - one of the few security professionals worldwide to earn the prestigious GIAC Security Expert certification, a recognition of advanced technical skill and real-world problem solving.
Explore short, hands-on videos from Razvan, that walk you through how our offensive security team thinks and operates. From full pentest lifecycle demos (discovery, exploitation, reporting, and retesting) to an overview of what a professional pentest actually delivers. Have a look at how our team uses the product every day to run structured engagements.
Take the next step in securing your organization
Get a deeper look at how our offensive security team works and what a real engagement includes. Download the services brief or request a tailored assessment to understand your actual exposure and get evidence your developers can act on.
Why it’s worth your time
Get practical insights on testing AI-driven apps
Understand the new risks introduced by LLMs, AI-generated code, and automated workflows, and how to validate them effectively.
Leave with evidence-backed, actionable takeaways
Gain clarity on the kind of proof that helps developers fix issues confidently and helps your team pass audits with ease.
Learn how real attackers think
See how human pentesters identify logic flaws and privilege issues that automated scanners, and AI, still miss.
Hear real-world lessons from the field
One of our customers shares what happened when an offensive security team tested their infrastructure, and how it reshaped their development process.
Bridge the gap between automation and expertise
Discover how to combine AI-assisted tools with human reasoning for faster, more reliable vulnerability validation.
Save time and budget with smarter testing choices
Learn when to rely on automation and when to bring in human expertise, so you can focus resources where they matter most.
Couldn't make it live?
No problem! Here's the full recording for you to pause, rewind, or share with your team
From past sessions
How to automate vulnerability detection & reporting for SOC 2
Learn how security teams prepare for SOC 2 by automating the most time-consuming parts of vulnerability detection, validation, and evidence collection. This session walks through practical workflows using Pentest-Tools.com. Ideal for teams that need consistent proof without increasing headcount.
How MSPs can scale vulnerability management with Pentest-Tools.com
See how teams reduce noise, validate real risks, and manage multiple environments without losing visibility. This webinar covers faster scoping, multi-tenant workflows, validated findings for client PoCs, and reporting that helps stakeholders act immediately. A practical guide for security consultants, MSPs, and internal teams dealing with growing attack surfaces.
