From PentestGPT to production: The state of AI-assisted offensive security with Charles Grandjean

limacharlie logo
LimaCharlie
May 28, 2026
LimaCharlie

Join us for this week's Defender Fridays as Charles Grandjean, CTO and Co-founder at Hexiagon AI, breaks down where AI-assisted pen testing actually stands today and what it means for both red teams and defenders.

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

What We'll Discuss

In this episode, Charles Grandjean draws on his experience building an AI-powered continuous pen testing platform to trace how LLM capabilities have evolved for offensive security, and what the rise of autonomous attack tooling means for defenders.

Key Topics:

  • How AI pen testing has progressed from unreliable single commands to chaining complex attack sequences
  • Why the last six months marked a turning point in LLM planning and long-context reasoning
  • When to use in-context learning and RAG versus fine-tuning, and why most teams should start with the former
  • Why privacy considerations push serious pen testing operations toward self-hosted models
  • How the balance between model control and code control has shifted as models have improved
  • Why unrestricted and fine-tuned open-weights models are lowering the barrier for malicious actors
  • What automated offense means for defense teams and why the response needs to match the scale of the threat

About Our Guest

Charles Grandjean is the CTO and Co-founder of Hexiagon AI, a company focused on automating penetration testing through AI to enable continuous, around-the-clock security validation. He has been building and iterating on AI-assisted offensive tooling for the past two years, tracking the evolution of LLM capabilities firsthand from early prototype to production system.

Register for Live Sessions

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience.

Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

Sponsored by LimaCharlie

This episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.

Why LimaCharlie?

  • Eliminate vendor sprawl and tool complexity
  • Deploy and scale effortlessly on native multi-tenant architecture
  • Reduce costs with intelligent data routing and free 1-year retention
  • Build custom solutions with 100+ security capabilities on-demand
  • Accelerate response with agentic AI that acts directly within predefined workflows

Try the Agentic SecOps Workspace free: https://limacharlie.io
Learn more: https://docs.limacharlie.io

Follow LimaCharlie

Sign up for free: https://limacharlie.io
LinkedIn: / limacharlieio
X: https://x.com/limacharlieio
Community Discourse: https://community.limacharlie.com/

Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
Guest: Charles Grandjean - CTO and Co-founder at Hexiagon AI

#defenderfridays #limacharlie #cybersecurity #infosec #secops

Copyright © 2026 OpsMatters™. All rights reserved.