In a recent interview with SafetyDetectives, Felipe Daragon, the founder of Syhunt, shared his insights on the evolving landscape of cybersecurity. Felipe’s journey into cybersecurity began in the underground scene of the nineties, eventually leading him to establish Syhunt in 2003. Over the years, Syhunt has emerged as a pioneer in application security, continuously innovating to stay ahead of emerging threats. With a deep understanding of the dynamic nature of web applications and the integration of artificial intelligence, Felipe offers a unique perspective on the future of cybersecurity. His expertise highlights the importance of balancing rapid application development with robust security measures, especially in the era of AI-driven technologies.
Can you tell us about your journey into cybersecurity and how you became involved with Syhunt?
Cybersecurity today is a promising professional specialization with solid market demand and a lack of specialized professionals. This leads many individuals to seek a career in this big industry. In my case, my journey began in the underground scene back in the nineties, but later I transitioned to cybersecurity because it was the right path to take. However, the landscape has drastically evolved since then. Today, the new generation of hackers isn’t comprised of well-intentioned kids or young individuals, but rather adults driven by monetary motives—forming gangs, engaging in extortion, scams, and more. Witnessing this shift, I ventured into cybersecurity consulting. In 2003, I took the leap and founded my own cybersecurity company, Syhunt, with a mission to assist organizations globally in combating application security threats.
What sets Syhunt apart from other cybersecurity solutions on the market, particularly in application security?
Back in 2003, we were one of the first to introduce application security scanner software into the market and this helped position our company as an innovator and pioneer in its industry. While hard work was key, timing also played a significant role. Later, we had the audacity to expand in several directions of application security, like DAST, SAST and MAST. Now we are starting to deal with generative AI.
I think that the success of Syhunt comes from a mix of innovation, vision and great UX (user experience). It is not exactly easy to define what innovation is because it is a multifaceted process – it is the combination of intense R&D, adaptability, continuous improvement, market insight and more. On the UX side, we sought to optimize user workflows by removing unnecessary steps and simplifying complex tasks. We aim to shield users from the inherent complexities of our application security scanners. On the backend, our scanners are engineered to be swift, precise, and comprehensive, while seamlessly integrating with other platforms and tools. When all these elements are combined in the right proportions, the result is Syhunt.
What are some emerging trends in application security that businesses should be aware of?
Application security is one of the most dynamic fields in cybersecurity. This is because application security is mostly centered on web applications, which are constantly evolving with new Web standards, frameworks and servers, together with the Web browsers. Now we have reached a point of technological advancement at which artificial intelligence is the new component of this already complex ecosystem. A myriad of security issues is expected to emerge from this new integration with language models – some of them are presented in the OWASP Top 10 for LLMs document, released at the end of 2023. Last month I published a paper that shows that insecure handling of the output of LLMs can be explored in many different ways. In the next five years, I expect to see an explosion of attack techniques that take advantage of AI models. Developers and cybersecurity professionals will have a lot to catch up on regarding the security side of applications during this rapid technological acceleration brought about by AI.
Can you discuss any AI-driven innovations at Syhunt that have enhanced threat detection and response?
We greatly admire OpenAI and their innovative work with ChatGPT. Our tools can identify vulnerable lines in an application’s source code and, through an optional integration with the OpenAI API, even provide examples of code with patches applied. We’ve also developed a feature called AI-Powered Login, where the AI model autonomously learns how to log into a website with minimal input from the user—just credentials and basic descriptions. Through a rapid trial-and-error process, it refines its approach until successfully logging in. Once achieved, the method is cached and replayed seamlessly in subsequent logins. These mark the first instances of such capabilities being achieved in the market.
How can organizations balance the need for rapid application development with the necessity of robust security measures?
DevSecOps is now a known and widely adopted concept of having security processes during the various stages of DevOps (development operations). DevSecOps is an approach where security is integrated throughout the entire development lifecycle, from design to deployment and beyond. This ensures that security considerations are addressed at every stage of development without slowing down the process. Use automated security testing tools and techniques, such as static application security testing (SAST) and dynamic application security testing (DAST), to identify vulnerabilities. Educate developers about the OWASP Top 10 and the CWE Top 25 vulnerabilities. Be smart when selecting frameworks and libraries to accelerate development while reducing the risk of vulnerabilities; select the ones that include built-in security features and protections. Finally, it is also important to have a vulnerability management platform that centralizes the results generated by all these tools.
How do you foresee the role of AI evolving in the cybersecurity space over the next few years?
Like almost any disruptive technology, AI is akin to a double-edged knife that can be wielded for both good and bad purposes. This means that AI is going to be part of both offensive and defensive operations. I believe that cybersecurity solutions in the market are going to split into three major groups: AI-native solutions, which are built from the ground up on top of AI models; AI-augmented solutions, using AI to enhance or supplement their operations; and Non-AI or traditional solutions, which have not evolved to integrate AI and still operate in a more conventional manner. Perhaps the most secure networks of the future will be forged by a mix of the three.
The mission of every CISO (Chief Information Security Officer) will be to find the right balance of AI and conventional pre-AI age tools. Occasionally, these tools will also seamlessly collaborate, with AI systems reaching out to incorporate the functionalities of traditional, non-AI powered tools, which can be accessed through APIs, scripting and so on, into their operations.
Going a little bit further into the future, human firewall administrators will perhaps find themselves talking with their AI firewall counterparts.