eSentire launches Atlas Preempt for continuous testing

eSentire has launched Atlas Preempt, a security service that adds continuous penetration testing and offensive security to its response offerings. The service is now available through the company's Atlas platform.

Atlas Preempt runs ongoing tests against customer environments and feeds the results into eSentire's Managed Detection and Response and Incident Response operations. It combines threat intelligence, vulnerability scanning, attack surface discovery, and AI-led penetration testing to identify weaknesses attackers can reach.

eSentire is positioning the product around a shift in how cyber attacks unfold. It cited industry research showing that attackers are exploiting new vulnerabilities faster, while many organisations still rely on periodic assessments and static severity ratings to decide which issues to fix first.

Atlas Preempt is intended to move customers from point-in-time testing to continuous validation. It assesses exposures by proven exploitability rather than severity score alone, linking those findings to round-the-clock monitoring and response.

The launch extends eSentire's managed security model. Founded in 2001, the company says it works with more than 2,000 organisations across more than 35 industries.

Healthcare case

One example involved a healthcare electronic medical record provider. Atlas Preempt identified an overlooked staging application programming interface host after autonomously mapping more than 300 subdomains.

The system found that authorisation controls had been disabled across 106 endpoints. The issue could have exposed more than 20 million patient records, including Social Security numbers, prescriptions, dates of birth, and addresses, to unauthenticated callers.

eSentire alerted the customer the same day and provided a five-step remediation plan. That allowed immediate web application firewall containment and, according to the company, closed the exposure before any attacker could exploit it.

The healthcare example illustrates a wider industry issue: security coverage beyond core production systems. Traditional manual penetration tests often focus on primary domains and agreed scope, while cloud estates, test environments, and forgotten internet-facing assets can remain outside routine review.

Atlas Preempt is designed to address that by continuously discovering assets and testing potential attack paths across a broader environment. It can also validate cloud and software-as-a-service misconfigurations through simulated exploitation, rather than simply generating long lists of alerts.

Speed of attacks

eSentire pointed to data showing that the pace of attacks is increasing. It cited Google threat intelligence research that found attackers weaponise new vulnerabilities a median of seven days before public disclosure, as well as Verizon's 2026 Data Breach Investigations Report, which found vulnerability exploitation was the leading initial access vector in about one-third of all breaches, up 55 per cent year on year.

That shift has increased pressure on managed security providers and internal security teams to prioritise fixes more precisely. Security leaders have long faced too many findings and too little evidence about which ones represent a realistic path into the business.

By combining scanning with active testing, eSentire is trying to narrow that gap. The service orchestrates reconnaissance, vulnerability, and exploit tooling with input from the company's Threat Response Unit, which supports its threat hunting and detection engineering work.

eSentire also said the product keeps an audit trail of offensive actions for use with boards, regulators, and cyber insurers. That reflects growing scrutiny from senior executives and compliance teams over how testing is carried out and how evidence is documented.

Dustin Hillard, Chief Product and Technology Officer at eSentire, said the launch responds to the mismatch between the speed of attackers and the pace of traditional assessments. "The economic advantage has always favored attackers, and frontier-AI models widen it. They now operate at machine speed and scale, while quarterly assessments and severity scores were built for a threat that moved at human pace. Atlas Preempt closes that gap, giving defenders a continuous attacker's-eye view of their own environment and turning vulnerability disclosures into validated, prioritized risk in hours, not weeks, with the human oversight boards, regulators, and insurers require," said Hillard.