Multi-threaded Hacking: US Pioneers Automated Operations with AI Agents

Redazione RHC: 19 November 2025 13:59

In recent months, a new cyber operations infrastructure has been developing in the United States, in which automated agents are becoming not just a support tool, but a full-fledged participant in offensive operations.

Amid competition with China over autonomous systems capabilities, Washington is investing heavily in research that expands the scope of attacks and reduces preparation times, focusing on the concept of multi-threaded hacking based on artificial intelligence. One of the centers of this initiative is the little-known company Twenty, based in Arlington, which has received several contracts from U.S. military agencies.

The company, which has not yet formally emerged from stealth mode, has signed a contract with the U.S. Cyber Command worth up to $12.6 million. It has also received a separate research contract with the Navy for $240,000. The fact that a venture-backed startup is receiving investment in offensive technologies sets it apart from traditional contractors typically operating in this segment. Furthermore, Twenty is funded by intelligence-related entities: investors include In-Q-Tel, a venture capital firm founded with the support of the CIA, as well as private funds operating in the high-risk technology market.

Twenty’s website states that the company creates automation tools that transform labor-intensive offensive procedures from manual operations to streamlined operations, executed simultaneously against large numbers of targets. Judging by the language, these are systems that automatically scan for adversaries’ vulnerabilities, prepare penetration scenarios, and launch attack chains with minimal human intervention. This approach effectively transforms offensive operations into a continuous pipeline, processing hundreds of addresses and services simultaneously.

The company’s job postings reveal further details. Requirements for an offensive research manager include developing new methods for penetrating enemy networks, frameworks that describe attack routes, and model-based hacking automation systems. The engineers Twenty is seeking will work with tools for managing multiple AI agents, including open-source solutions for coordinating groups of autonomous assistants. Other positions focus on developing realistic digital personas that will engage in social engineering operations and infiltrate online communities and private communication channels. This type of activity is traditionally used by state agencies to gain access to enemy networks without directly resorting to technical hacking.

Twenty’s team is made up of individuals with extensive experience in the U.S. military and intelligence sectors. The company’s CEO served in the Navy Reserve and worked on security products at a major U.S. company, joining the company after acquiring a startup focused on network mapping for national security. The CTO focuses on network exposure analysis and previously served in U.S. Army signals intelligence units. The chief of engineering spent over a decade at Cyber Command and other Army units, while the chief of government affairs served on Capitol Hill and on the National Security Council transition team.

The United States isn’t the only country using models for intelligence and cyber operations. Recent research by Anthropic found that Chinese groups are using models to prepare attacks, allowing autonomous agents to perform much of the routine work, from infrastructure reconnaissance to exploitation plans. These tools can reduce the preparation time for complex operations and accelerate the identification of weaknesses in adversary networks.

The Pentagon has also signed agreements with OpenAI, Anthropic, and xAI worth up to $200 million each, but details of the projects have not been disclosed. There is no information on whether these companies’ developments will be used for offensive missions. Given their access to infrastructure and models, this remains a likely scenario, especially given the growing pressure from China.

In light of the startup in question, it’s worth mentioning Two Six Technologies, which has been working for several years on an automated offensive operations system called IKE. This system allows an autonomous module to decide whether to launch an attack when the probability of success is high. This project has raised $190 million in funding, but there is no indication that it can run parallel operations across hundreds of resources at the same scale as Twenty claims.

The use of models in defense is much more widespread. For example, the Israeli company Tenzai adapts artificial intelligence models to identify vulnerabilities in enterprise software. Its solutions simulate attacks, but they are designed to test the resilience of customer systems rather than for actual hacking.

The development of automated offensive systems is changing the structure of cyber warfare. With the emergence of solutions designed to deliver massive, parallel impacts on adversary infrastructure, offensive actions are becoming faster and more widespread.

Judging by current contracts, the United States is seeking to gain a significant advantage in this area. To this end, it is leveraging a combination of large corporations, venture capital firms, intelligence resources, and young companies to create architectures designed for multi-threaded automation.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.
