Breachline is an autonomous AI penetration testing platform backed by a UK offensive security team. Its AI engine, Nebula, uses multiple reasoning models and a swarm of specialist agents to discover, exploit, and verify vulnerabilities, with every finding backed by real tool output and a working proof-of-concept. It delivers compliance-ready reports mapped to PCI-DSS 4.0, SOC 2, HIPAA, ISO 27001, OWASP Top 10, and NIST CSF.

How does autonomous pentesting work?

Nebula AI follows a multi-phase autonomous attack lifecycle: (1) Planning - classifies target and assembles optimal agent team, (2) Recon - runs tools in parallel to map attack surface, (3) Analysis - specialist agents test every vulnerability class with MITRE ATT&CK mapping, (4) Exploit - builds working PoC exploits in sandboxed containers, (5) Report - delivers executive summaries and technical deep-dives to Slack and email instantly.

What compliance frameworks does Breachline support?

Breachline automatically maps findings to 6 compliance frameworks: PCI-DSS 4.0, HIPAA, SOC 2 Type II, ISO 27001, OWASP Top 10, and NIST CSF with specific control IDs. Reports are audit-ready and delivered instantly via Slack and email.

Is Breachline safe to use on production systems?

Yes. Nebula runs all exploits in isolated Docker containers with fresh network namespaces. Containers self-destruct after each test, leaving zero artifacts on your infrastructure.

Changelog

WHAT'S NEW IN NEBULA

Every update to the platform -new capabilities, performance improvements, and fixes -documented as we ship.

v2.6.0May 2026

HumanBrowser: Live Vision-Driven Pentesting

Nebula now drives a real Chromium browser by sight, the way a human tester does. Vision-based element selection, human-fidelity input, and a live theater stream let it test modern web apps without tripping bot detection.

FeatureVision-driven browser agent with Set-of-Mark element selection -no brittle CSS selectors

FeatureHuman-fidelity interaction: bezier mouse paths, gaussian-jittered typing, and read-pauses before high-stakes actions

FeatureLive theater stream -watch the agent operate in real time over a WebSocket, routed through Burp or ZAP for full traffic capture

v2.5.0May 2026

Open Source Tooling Suite

We open-sourced the engineering behind Nebula: the multi-agent orchestration core, attack-surface discovery, supply-chain attack simulation, and an AI-tests-AI security auditor.

Featurereactswarm -production-grade multi-agent framework with ReAct loops, swarm coordination, and distributed tracing

Featuresurfacemap and chainreaper -LLM-driven attack surface discovery and autonomous supply-chain attack simulation

Featurenerve -an AI-powered security auditor that probes other AI systems for prompt injection and unsafe tool use

v2.4.0March 2026

Adaptive Execution Intelligence

Nebula now dynamically switches between conversational and operational modes based on real-time intent classification, delivering faster responses and more precise actions.

FeatureNew behavioural mode system -Nebula automatically switches between conversational and operational modes based on intent classification

ImprovementSmart memory loading -only fetches relevant memory layers per-intent, reducing latency by 40%

FixResolved duplicate Slack notification issue during concurrent scans

v2.3.2March 2026

Fast-Path Intent Classification

Greeting messages now skip the full classification pipeline entirely, shaving 2-4 seconds off every casual interaction and freeing compute for real tasks.

ImprovementGreeting messages now bypass LLM classification entirely, saving 2-4 seconds per interaction

FixTool calling context properly forwarded across all LLM providers

v2.3.0February 2026

Multi-Provider LLM Router

Nebula can now route tasks across multiple AI providers with automatic failover and circuit-breaker recovery - no single point of failure for inference.

FeatureMulti-provider AI engine with automatic failover and zero single points of failure

FeatureIntelligent task routing - each attack type matched to the optimal reasoning engine

ImprovementCircuit breaker pattern for AI calls - automatic recovery from provider outages

v2.2.0February 2026

Agent Team Coordination

Introducing the agent team: specialist security agents that coordinate via swarm, parallel, and sequential execution to cover every attack surface.

FeatureSpecialist security agents with swarm, parallel, and sequential execution modes

FeatureReal-time Slack communication -Nebula posts findings as they're discovered

ImprovementDocker sandbox lifecycle management with automatic container health monitoring

v2.1.0January 2026

Enhanced Scan Intelligence

Multiple scan modes let you control depth and speed. The orchestrator now uses AI-driven phase planning to adapt strategy mid-scan.

FeatureMultiple scan modes - QUICK, RECON, FULL, DEEP, RED_TEAM, API

FeatureAI-driven scan phase orchestration with dynamic phase planning

ImprovementFinding deduplication and severity classification using AI

v2.0.0January 2026

Nebula Public Beta

The launch of Nebula - autonomous black-box pentesting with zero configuration. Point it at a target, and it handles the rest.

FeatureAutonomous black-box pentesting with zero configuration

FeatureFull offensive security toolkit in isolated sandbox environments

FeatureMulti-layer persistent memory system for cross-scan intelligence

FeatureReal-time vulnerability reporting via Slack and email

Stay Updated

Ship with confidence

Follow our progress as we build the future of autonomous pentesting. Major releases are announced on our blog and via email.

Read the blog