AI consulting needs a pentest rethink, not just IT security
News11 July 2026

AI consulting needs a pentest rethink, not just IT security

PD

Pacific Data

Learn why AI consulting engagements must map new data access AI tools create, and why standard penetration testing methodology misses AI-specific risks.

TechGuide, the Australian technology publication, has published a detailed guide on penetration testing methodology, arguing that structured, manual security testing has become essential as organisations run more of their operations through websites, web applications, mobile apps, APIs and cloud services. The guide makes a specific case: automated scanning alone misses the vulnerabilities that matter most.

That distinction has direct relevance for any Australian business now buying AI consulting services or building AI-assisted workflows. Most of those workflows run through the exact systems TechGuide's guide covers — APIs, cloud platforms, and web applications — which means the same testing gap applies to AI deployments, not just traditional IT.

Automated scanners find known flaws, not the ones attackers actually use

TechGuide's guide draws a clear line between automated vulnerability scanning and manual penetration testing. Scanners catch known, catalogued issues. They do not reliably catch authentication weaknesses, logic flaws, or the way multiple small vulnerabilities combine into a serious breach.

The guide argues that experienced security consultants assessing systems "from an attacker's perspective" close that gap. It also calls for risk-based reporting — ranking findings by severity and business impact — rather than handing back an undifferentiated list of issues. Validation testing and retesting, it says, confirm that fixes actually worked.

Web, mobile and API testing cover the same ground AI tools now sit on

The guide specifically calls out website penetration testing, web application testing, mobile application testing, and API assessments as core components of a modern methodology. Each of these, it notes, is where businesses process customer transactions, store sensitive data, and manage authentication.

That is also precisely where generative AI tools now plug in. A chatbot connected to a CRM, an AI-assisted quoting tool pulling from an ERP, or a document-analysis workflow reading from cloud storage — all of these ride on the same APIs, cloud services and web application layers TechGuide's guide is describing. The guide does not mention AI specifically. But the infrastructure it describes is the same infrastructure carrying AI workloads inside most mid-market businesses today.

AI consulting needs a pentest rethink, not just IT security - Additional Image
Image

The consulting gap TechGuide doesn't name but implies

TechGuide's guide is written for a general IT security audience, not an AI-specific one. It makes no reference to large language models, AI vendors, or AI-specific attack surfaces such as prompt injection or data leakage through model integrations.

That omission is itself informative. Cybersecurity risk management practices built for websites and APIs were not designed with AI workflow security in mind, and the guide's own framing — manual testing, risk-based prioritisation, remediation validation — was written before AI integrations became a standard feature of business software.

Pacific Data's view: Australian mid-market businesses adopting AI tools through platforms such as Microsoft Copilot or Anthropic Claude are typically extending existing cloud infrastructure, not replacing it. A penetration test scoped only to "the website" or "the API" before an AI rollout began may no longer reflect what data that AI tool can now reach. Any AI consulting engagement that documents new workflows should also document what new access those workflows create — because that access is exactly what a penetration test is designed to probe.

Cloud security strategy now has to account for what the AI can see

The guide's broader argument — that cloud services and connected infrastructure need the same rigour as public-facing websites — lands squarely on the cloud security strategy question every business running AI tools now faces. An AI assistant with access to a shared drive, a customer database, or an email inbox inherits whatever permissions that access carries.

TechGuide's guide does not extend its methodology to cover that scenario. Nobody in the piece is quoted addressing AI-specific risk directly.

That gap is likely to close as more consultancies apply established penetration testing methodology to AI-integrated environments rather than treating AI tools as sitting outside the security perimeter. Until then, the responsibility for deciding whether an existing security assessment still covers a newly deployed AI workflow rests with whoever signed off on the AI rollout in the first place — and TechGuide's guide is a reminder of how specific that assessment needs to be.

Get Started

Let's build something great together

Ready to transform your technology into competitive advantage? Reach out and let's explore what's possible.

Send us a message

We'll get back to you within one business day.

Prefer to talk?

Book a free 30-minute consultation. No pressure, just a conversation about your goals.

Serving businesses across Australia. Your data and privacy are always protected.