NetSPI Penetration Testing as a Service (PTaaS) provides human-delivered penetration testing services combined with AI-powered capabilities across multiple attack surfaces. The platform offers testing services for applications (web, API, mobile, thick client, virtual), networks (internal, external, wireless, host-based, virtual desktop), cloud infrastructures (AWS, Azure, Google Cloud), AI/ML systems including LLM testing and jailbreaking, mainframe environments (z/OS, CICS, IMS), and hardware systems (automotive, medical devices, IoT, ATM, operational technology). The service includes security assessments such as red team operations, social engineering testing (email, phone, physical), detective controls testing with attack simulations, secure code review using SAST tools, cybersecurity maturity assessments, threat modeling, and SaaS security assessments for Salesforce and Microsoft 365. Additional capabilities include merger and acquisition security assessments. The platform provides attack surface visibility through external attack surface management (EASM) and cyber asset attack surface management (CAASM), dark web monitoring for threat detection, and lookalike domain monitoring for brand protection. The service includes breach and attack simulation packs for Linux, ransomware, ESXi, Azure, MITRE ATT&CK, and MacOS environments.