UltraViolet Cyber Launches Solstice, a Proprietary AI Platform Designed to Transform Application Penetration Testing

Built by practitioners, Solstice brings broader coverage, faster findings and compounding institutional knowledge to every application security engagement

UltraViolet Cyber (UltraViolet), the only security operations partner that unifies red, blue and purple team capabilities into one integrated offering, today announced the launch of UltraViolet Solstice, its proprietary AI platform for application penetration testing. Built on decades of operator experience from 30,000+ UltraViolet engagements, Solstice runs alongside the company's senior practitioners to deliver broader attack surface coverage, faster engagements and intelligence that compounds with every test.

The application security (AppSec) testing market is currently split into two inadequate options: the ability to scale is constrained, making it difficult to keep pace with modern application development, and autonomous AI tools lack the judgment and context required for enterprise-grade assessments. Solstice operates in a human-led, AI-powered architecture to deliver both scale and Tier-1-grade fidelity. AI handles the scaffolding and practitioners handle the judgment.

"Solstice is how UltraViolet puts AI to work for our pentesters - not as a replacement, but as the engine that scales their expertise,” said Aravind Venkataraman, VP of Technology, UltraViolet Cyber. “We built it ourselves, grounded in years of UltraViolet engagement memory and our practitioners' own proven methodology. The AI proposes, and our expert decides. And because Solstice runs inside our Power of Purple operation, what our offensive team learns through AI directly sharpens what our defensive team detects. That closed loop — AI-augmented offense feeding AI-amplified defense — is something no point-solution vendor can deliver."

Unlike commercial AI tools trained on generic data, Solstice is trained exclusively on UltraViolet Cyber's proprietary knowledge base, including the company's runbooks, historical findings and engagement patterns across every framework and industry vertical it has assessed. Solstice also maintains persistent memory across engagements: Confirmed findings, dismissed false positives and application-specific behaviors carry forward from one assessment to the next, offering a compounding advantage that is not available from any point-in-time manual engagement.

“AI does not replace our pentesters, it amplifies them, and better pentests make every other part of the security operation smarter,” said Ira Goldstein, CEO, UltraViolet Cyber. “We designed Solstice to deliver what serious security programs require: strategic and repeatable expertise on every engagement, every customer and every surface. The question every organization today should be asking themselves is, ‘What is the right division of labor between the human expert and the machine?’, and Solstice is our answer.”

Key benefits of Solstice include:

• Faster delivery without quality compromise: Engagements will run approximately 20% faster, at the same UltraViolet quality.
• Broader coverage in the same window: Vulnerability classes that previously had to be deprioritized for time are now covered concurrently. Specialist AI agents run in parallel across 16+ vulnerability classes, while the practitioner focuses on judgment-heavy work.
• Compounding institutional memory: The Solstice instance testing the customer's application carries forward every confirmed finding, false-positive pattern and application-specific quirk, creating consistently sharper engagements.
• One unified security operation: Solstice operates inside UltraViolet’s Power of Purple model — offensive findings sharpen defensive detection, and defensive intelligence sharpens offensive testing. One operation, not two vendors.

To learn more about Solstice and its approach to human-led, AI-powered AppSec testing, visit: https://www.uvcyber.com/solutions/solstice-ai-augmented-penetration-testing

About UltraViolet Cyber

UltraViolet Cyber is the only security operations partner that unifies red, blue, and purple team capabilities into one integrated team — finding what's vulnerable, stopping active threats, and validating that your defenses hold under real pressure. Built by former U.S. intelligence community operators with 30+ years of experience, we serve 400+ Global 2000 enterprises and federal agencies. Our practitioner-led and AI-accelerated closed-loop operations turn offensive findings into defensive weapons immediately so gaps close in real time and defenses improve before attackers can exploit what testing uncovers. Offense informs defense. Defense sharpens offense. Security that gets smarter and stronger with every iteration.

UltraViolet is at the forefront of AI security. Purpose-built to test, validate, and govern the AI systems organizations are deploying today, UltraViolet brings the same offensive and defensive rigor to AI that it applies across the enterprise. UltraViolet is ranked #19 on the Top 250 MSSP List and is headquartered in McLean, Virginia. Learn more at uvcyber.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260603878160/en/

"We designed Solstice to deliver what serious security programs require: strategic and repeatable expertise on every engagement, every customer and every surface."