Back to vendors
Ghost Security logo

Ghost Security

Also known as: Ghost Labs, Reaper (Ghost Security)

Visit site
Security / SOC agentprivateVerified 2026-07-08

Autonomous application and API security built on agentic AI: Reaper, an open source AppSec testing framework usable by humans and AI agents, plus the Ghost Platform for continuous discovery, testing and risk context, backed by Munich Re Ventures.

Ghost Security is an Austin based cybersecurity company building autonomous application and API security around agentic AI, rather than layering AI onto legacy scanners. Its open source foundation, Reaper, is a modern AppSec testing framework, licensed Apache 2.0 and engineered to be usable by humans and AI agents alike, that consolidates reconnaissance and domain discovery, a man in the middle HTTPS proxy, request tampering, business logic fuzzing of live apps and APIs, and reporting into one workflow. Instead of brute force, Reaper uses agentic AI to select and prioritize attacks from real time reconnaissance and the target's structure, refining its approach from prior attempts to produce tightly scoped, resource efficient tests with AI generated, actionable remediation reports. Ghost frames its roadmap in levels of autonomy: a free launch tool for automated testing and reporting, an Autopilot AI only mode and a Co-op human in the loop mode with a Ghost API key, and a commercial Ghost Platform that adds continuous, context aware testing across source code and internal and external assessments with continuous discovery, monitoring and risk context spanning the OWASP Top Ten and beyond. An experimental system called ReaperBot shows the direction of travel, orchestrating a team of specialized agents, a Discoverer and a Tester, that drive Reaper through its APIs to autonomously find and validate vulnerabilities, and Ghost publishes agent skills so AI agents can operate its tooling directly. Founded by serial security entrepreneurs Greg Martin and Josh Larsen and backed by investors including Munich Re Ventures, Ghost Security is pursuing fully autonomous application security for cloud native environments.

Vendor details

Canonical URL

https://ghostsecurity.com/

Category

Security / SOC agent

Funding status

Venture backed; investors include Munich Re Ventures. Austin, Texas. Founded by Greg Martin (CEO) and Josh Larsen (CTO). Specific round sizes not disclosed in retrieved sources.

Company status

private

Use cases & customers

Primary use cases

Autonomous application and API security testingBusiness logic and BOLA fuzzing of live apps and APIsContinuous application discovery, monitoring and risk contextAI agent driven offensive security testing

Target customers

Application security teams and AppSec analystsPenetration testers, red teams and bug bounty huntersEnterprises securing cloud native apps and APIs

Deployment options

Open-source self-host (local binary or Docker)Runs locally with data in a local database (air-gap capable)Commercial Ghost Platform (cloud)

Integrations

Reaper unifies reconnaissance, a man in the middle HTTPS proxy, request tampering, fuzzing and reporting, and is built so humans and AI agents can drive it alike; ReaperBot orchestrates Reaper through its APIs, and Ghost publishes agent skills for AI agent integration. Reaper integrates with the commercial Ghost Platform for continuous discovery, monitoring and workflow, and runs via a local binary or Docker with OpenAI powered agents.

Capability coverage

8.0 / 14 capabilities · 57%

Integrations & Tool CallingReaper exposes reconnaissance, proxy, tampering, fuzzing and reporting as tools that agents invoke; ReaperBot orchestrates Reaper through its APIs (reaper_scan_domain, reaper_test_attack_endpoint and more), and Ghost publishes agent skills for AI agent integration (ghostsecurity.com ReaperBot blog; github.com/ghostsecurity/reaper). Full
Workflow OrchestrationReaper's workflow system chains proxy, fuzz and reporting actions, and ReaperBot orchestrates a team of specialized agents (Discoverer then Tester) to autonomously run multi step recon, attack selection, fuzzing and validation (ghostsecurity.com ReaperBot blog; Darknet review). Full
Knowledge Grounding & RAGAgents are context aware, grounding attack selection in real time reconnaissance data, the target application's structure and, on the commercial platform, source code and internal and external assessments, though this is target context rather than a document knowledge base or RAG (ghostsecurity.com vision blog). Partial
Human Oversight & GuardrailsOffers a Co-op human in the loop mode alongside an Autopilot AI only mode, and testing is tightly scoped to in scope traffic and targets to limit operational risk, combining human expertise with autonomous testing (ghostsecurity.com vision blog). Full
Security, Identity & GovernanceThe open source tool runs locally, logging traffic to a local database with no external egress and an air gap capable footprint, but no named enterprise certifications, RBAC or single sign on are documented for the commercial platform in retrieved sources (github.com/ghostsecurity/reaper; ghostsecurity.com). Partial
Observability & AuditabilityReaper logs requests and responses to a local database with a CLI to search and inspect captured traffic and generates comprehensive reports, and the Ghost Platform adds continuous monitoring and real time insight, though agent run tracing is not documented (github.com/ghostsecurity/reaper; ghostsecurity.com). Partial
Memory & State PersistenceReaper persists scan and traffic results to a local database that agents query, and it refines its approach based on prior attempts, giving working state across a testing engagement, though long term agent memory is not documented (ghostsecurity.com ReaperBot blog; Business Wire). Partial
Deployment & Data ResidencyReaper self hosts as a local binary or Docker container on Linux and macOS with data kept in a local database, giving strong residency for the open source tool, but the commercial Ghost Platform's deployment and residency options are not detailed (github.com/ghostsecurity/reaper; Darknet review). Partial
Prebuilt Agents / Templates / PacksReaperBot ships a prebuilt team of specialized agents (a Discoverer and a Tester) with defined tools, Ghost publishes reusable agent skills, and Reaper provides prebuilt attack types and report templates, though these agent packs are experimental (ghostsecurity.com ReaperBot blog). Partial
Triggers & Channel CoverageThe commercial platform provides continuous, context aware testing that runs on an ongoing basis, and the tool is invoked by CLI, API or agent, though scheduled trigger configuration and notification channels are not detailed in retrieved sources (ghostsecurity.com vision blog). Partial
Model Flexibility & RoutingReaper and ReaperBot are built on OpenAI models with a customer supplied OpenAI API key, and no multi provider model choice or routing is documented in retrieved sources (github.com/ghostsecurity/reaper; ghostsecurity.com ReaperBot blog). Unable to verify
APIs / SDKs / MCP ExtensibilityReaper is open source under Apache 2.0 with a modular, extensible architecture, exposes APIs that ReaperBot drives, ships as a CLI and Docker image, and publishes agent skills so external AI agents can operate it directly (github.com/ghostsecurity/reaper; ghostsecurity.com ReaperBot blog). Full
Testing, Debugging & OptimizationGhost uses the Ghostbank challenge as an evaluation harness to validate ReaperBot's agent behavior, and Reaper iteratively refines and prioritizes attacks from prior attempts and produces remediation reports, though a user facing agent evaluation suite is not documented (ghostsecurity.com ReaperBot blog). Partial
Browser / Computer-useReaper operates at the HTTP layer through a man in the middle proxy, crawling and fuzzing apps and APIs, rather than driving a browser or operating a computer interface, so first class browser or computer use is not documented (github.com/ghostsecurity/reaper; Darknet review). Unable to verify

Recent platform changes

No recent material changes tracked yet.

Pricing

Reaper is free and open source (Apache 2.0); extra autonomy is free with a Ghost API key; the commercial Ghost Platform is priced on request.

Open source free; commercial platform priced by the company

Public — partialMedium variable costFree tierTrial available

Cost watchouts

Agentic features of the open source tool consume the customer's own OpenAI API usage; the commercial platform is priced separately and not disclosed.

Variable cost rationale

The open source Reaper runs on the customer's own infrastructure and uses the customer's OpenAI API key, so agentic testing incurs the customer's own model costs; commercial Ghost Platform pricing is undisclosed.

Sales call required

Yes — required for paid access

Free / trial

Free and open source Reaper, plus free autonomy modes with a Ghost API key

Lowest paid plan

Not published; commercial Ghost Platform via sales

Key ambiguities

The open source tool is clearly free, but the commercial Ghost Platform's packaging, maturity and pricing are not published.

Verified 2026-07-08

Contact us

Found a vendor we missed? Have feedback on the index? We'd love to hear from you.