AI-Augmented Series: Why We Take AI Security Training Seriously at Raxis

The Exploit Blog

Penetration Testing Blog

Why We Take AI Security Training Seriously at Raxis
Published on July 14, 2026
Written by Brian Tant

AI is everywhere in cybersecurity right now. Every vendor has an “AI-powered” something, every platform is rolling out a chatbot, and every conference panel has at least one slide about large language models. I get it; it’s genuinely exciting technology that can do useful things. But as the person responsible for the quality and integrity of penetration testing at Raxis, I’ve spent a lot of time thinking carefully about how we use AI, not just whether we use it.

The short answer is: we do use AI, we use it deliberately, and we require annual security awareness training for every member of our team that includes how to use AI safely. This post walks through what that training looks like and why we think it matters, both for how we operate internally and for what it means for you as a customer.

We Use AI to Amplify Skilled Human Testers

Let me start with what AI actually does at Raxis because I think there’s a lot of confusion in the market about what AI-augmented pentesting means.

At Raxis, humans are the core of every engagement. Our pentesters use AI the way a skilled craftsperson uses a good power tool. It helps them work faster and cover more ground, but it doesn’t replace judgment, experience, or creativity. In practice, that means we use AI to help automate time-consuming and repetitive tasks: analyzing large scan outputs, enumerating attack surfaces, building custom payloads, and drafting findings and executive summaries. Our development team also uses AI to accelerate code creation and testing cycles. The key word there is accelerate: a pentester reviews, validates, and takes ownership of every output before it gets anywhere near a deliverable or a client system.

AI isn’t going away in this industry, and, frankly, a team that refuses to use it would be slower and less thorough than one that uses it thoughtfully. What matters is that the human is always in the loop, always accountable, and always thinking critically about what the AI is telling them.

Annual Training: What We Cover and Why

Every year, all Raxis employees go through structured AI security awareness training. I set this up because I believe it isn’t enough to simply tell people to “be careful” with AI. You need to give people a mental model for the risks, specific rules to follow, and the reasoning behind those rules so they can make good decisions in situations the training didn’t explicitly cover.

Here’s what we go through:

Hallucinations and Poor-Quality Results

This is the first thing we cover, and it’s foundational. Generative AI tools produce output by identifying and recreating patterns from their training data. They don’t “know” things in the way a human expert knows things; instead they predict what a plausible-sounding answer looks like based on what they’ve seen before. That means they can confidently produce fabricated information, incorrect technical details, or nonsensical output that looks correct at first glance. These are called hallucinations, and they’re a real problem in a security context.

Our training drives home a simple principle: verify everything. AI-generated output is a starting point, not a finished product. If a pentester asks AI to help analyze a scan result or draft a finding, they are responsible for checking that output against what they actually observed. The training makes clear that they are responsible for AI-generated content just as if you had created it yourself because ultimately, we have to stand behind it.

Privacy and Data Security Risks

This is where we spend serious time because the risks are significant and the mistakes are easy to make.

Most general-purpose AI tools don’t offer strong privacy protections. When you paste data into a chatbot, you generally don’t have visibility into how that data is stored, whether it could be used to train future models, or who else might be able to access it. For a penetration testing firm, this is a critical issue. We handle sensitive customer information including network architectures, vulnerability findings, credentials captured during testing, and proprietary business data. None of that can go into an AI tool that we haven’t vetted and contracted with.

Our training is explicit about what can never be shared with any AI system without proper authorization: personally identifiable information (PII), financial information and licenses, customer assessment collateral or loot, employee or company data, and anything protected by privacy laws or confidentiality agreements. We also cover a subtler point that surprises some people: anonymizing data isn’t a safe harbor. Even without names or identifying details, sensitive information can often be linked back to a customer. The safer approach is to use a least-required-disclosure mindset: share only what the AI genuinely needs to complete the specific task, and nothing else.

Only Approved AI at Raxis

Because of these privacy concerns, we don’t allow our team to just use whatever AI tools they want. Raxis has a confidentiality agreement with specific AI tools and those are the only tools approved for handling anything that might touch sensitive information. This isn’t bureaucracy for its own sake; it’s how we maintain a chain of accountability and ensure that the confidentiality protections in our agreement are actually in force.

Ethical Issues: Bias, Plagiarism, and Unintended Consequences

Our training also covers three ethical dimensions that are easy to overlook when you’re focused on productivity.

AI systems are trained on human-generated data and internet sources, which means they can inherit and reflect the biases present in that data. In security work, a biased AI output isn’t just an ethical problem; it can also lead to flawed analysis. We train our team to evaluate AI outputs critically, not to accept them as objective truth.

Plagiarism is another real concern. AI can and does reproduce copyrighted or protected content from its training data, sometimes without any indication that it’s doing so. Using that output without review creates potential legal liability. And more broadly, because generative AI is still a relatively new technology, there are unintended consequences around intellectual property that aren’t fully mapped out yet. The training emphasizes staying mindful of downstream impacts when using AI to generate any content that will be published, shared with clients, or incorporated into deliverables.

Practical Safety Habits

Beyond the conceptual framework, the training covers specific habits we want everyone to build.

Read the fine print before using any AI tool. Understand its terms and conditions, particularly around what data it may use for training. Even for vetted tools with security contracts limiting their use of data, you should understand the tools you’re using. We also train on how to write effective prompts: be specific about what you need and think carefully about the results you want before you write the prompt.

And always check the sources. AI tools can confidently cite things that don’t exist or point you toward outdated or incorrect information. If something looks useful, validate it. If something looks authoritative, verify it. The same critical thinking that makes a good pentester good at finding vulnerabilities is exactly the mindset needed to use AI responsibly.

Person looking at AI

What This Means for You

If you’re a Raxis customer, I want you to understand a few things about what this training means for your engagement.

Your data doesn’t go into unvetted AI systems. Our team is trained on exactly what can and cannot be shared with AI, and we have specific technical controls that support those rules. When a Raxis pentester uses AI to help analyze findings or draft a report section, they’re doing so within a controlled environment, with a confidentiality agreement in place, and with a human reviewing and taking ownership of every output.

You’re also getting the productivity benefits of AI without the attendant risks. Our team can cover more ground, generate more thorough findings, and deliver better executive summaries, all while a skilled human pentester remains in the driver’s seat. That’s a different proposition than a tool that claims to replace the human altogether.

The training we run every year isn’t just a compliance checkbox. It reflects how seriously we take our responsibility to your data and to the integrity of our work. AI is a powerful part of how modern security testing gets done. The question is whether the people using it understand its limitations, have clear rules to follow, and take personal ownership of the outputs it produces. At Raxis, the answer to all three is yes.

If you found this interesting, take a look at other blogs in our AI Series and sign up for our monthly newsletter to get notified of recent new blogs. 

Brian Tant

Brian Tant

Brian brings to Raxis a rich and varied background in Information Technology spanning more than 20 years. Sought after by clients for his unique blend of business acumen and technical prowess, Brian has consistently delivered value to hundreds of organizations spanning the globe throughout his career. Brian is Raxis’ CTO and currently leads the Raxis Penetration Testing and Social Engineering team.

About The Exploit

The Exploit is written by Raxis penetration testers. Every post is a technical writeup from someone who runs engagements for a living, with code, command output, and the reasoning behind each step. Topics include exploit research, vulnerability disclosure, tool development, and the offensive techniques showing up in current client work.

Search The Exploit Blog

Raxis Discovered Vulnerabilities

View the CVEs and bugs that Raxis pentesters have uncovered and submitted.

Work With the Pentesters Who Wrote This Blog

The engineers behind these posts run real engagements every week. Put them on your network, web apps, APIs, or cloud and see what an attacker would find first.

Join Our Newsletter

Name(Required)
Newsletter(Required)
Do you wish to join our newsletter? We send out emails once a month that cover the latest in cybersecurity news. We do not sell your information to other parties.