In Aviva Zacks of Safety Detectives’ interview with Ivan Tsarynny, Co-Founder and CEO of Feroot, she asked him about his company’s use of good AI bots.
Safety Detectives: Tell me what motivated you to start Feroot.
Ivan Tsarynny: As my co-founder Vitaliy Lim and I were growing our previous company, we noticed that web apps began being assembled, not built by developers. At that time, GDPR was coming into effect, and many of our enterprise customers were asking us questions about this assembly vs. building approach. We noticed that nobody knows exactly what’s going on inside the app because it’s assembled. It has dozens of open-source tools, and so on, and we decided to solve this problem to help companies answer questions from a privacy and compliance point of view. What are all the tools, scripts, and libraries that are embedded into the web applications doing?
As we released our minimum viable product, MVP, we heard a lot of questions from early design customers asking about security specifically, such as, “If we are taking credit card payments, could you tell us if there is malware embedded into any of the dozens or hundreds of scripts?” So, we pivoted our focus from just helping privacy teams to enabling broader security and privacy teams to answer questions such as, “What does your code supply chain look like?” We told them what all of those tools, scripts, marketing tags, and pixel tags are doing. That way they can answer those questions during infosec or pen-testing reviews, and whenever anyone would inquire.
SD: What would you say is your flagship product?
IT: Our flagship product today is Feroot Platform, and specifically a component called Feroot Inspector. Feroot Inspector answers all of the questions discussed above.
SD: Why do your customers love your company?
IT: First and foremost is our customer service. From the very first interaction during the POC to deployment, it’s the care, the handholding, the education, and the support that our customers value and appreciate. Our service and knowledge transfer are what make us stand out in the industry.
Second is our technology approach. Our approach to solving problems is completely outside-in, with nothing to deploy. Customers don’t need to go through a lot of internal approvals to get any vendor code or tools installed.
The third is our use of synthetic users, AI good bots. They replicate and imitate everything real people do. They can come in from Windows PCs, Macs using Safari or Chrome browsers, iPhone, and Android phones, and replicate everything real people do all the way from making a purchase to logging into a test bank account to see if there’s anything bad going on.
Additionally, when they come from different countries, if you need to comply with U.S. or European laws, they will come and show you from each jurisdiction what it looks like when French citizens or UK citizens people use your web app or U.S. or California residents, and so on.
SD: What do you think are the worst cyberthreats out there today?
IT: The unknown threat is the worst.
SD: How do you think the pandemic is changing the face of cybersecurity forever?
IT: Cybersecurity follows the market. Nowadays, we live and work from home. The browser is the new OS, so there’s a lot more focus now on browser-level security.
Also, user journeys or user experience is now the core of differentiation or what value they provide to their end customers. Therefore, companies are investing a lot into improving user experience or user journeys. They’re using tools such as Amplitude, Mixpanel, and many others to watch and measure and help improve user experience, which they also need to protect. That’s what we see is changing. Improving user experience and protecting user experience are becoming important in the new world where the browser is the new OS of web applications, which are not built but assembled from various tools, and now you need to protect that experience.