I’ve spent quite a number of years believing business logic testing was a human-only domain. However, agentic AI is now validating real attack paths with a high accuracy rate. The tool I am using detects BOLA and complex workflow abuse. Plus, leveraging Playwright, it navigated modern SPAs and authenticated flows that once required manual intervention.
This shift resulted in a 90% reduction in my manual pentesting effort. This makes me believe that we are finally moving towards the future where security testing automation will be reliable.
Curious to know what other testers think about automating pen tests… Also, what tool has helped you reduce manual effort? Would love to try it out myself!