Security News

Synack Builds Trust Between Human Intelligence & AI for “Smart” Security Testing

In cybersecurity  there will always be the need for creativity of human intelligence to beat the human adversary.  It’s clear AI won’t ever be able to replace the creativity of the mind of a hacker, but what if AI could help augment ethical hackers?

Traditionally in security, machines and humans have worked separately to try and solve the same issues. Machines like scanners have been used to scale across attack surfaces, but they’ve proved to be noisy and inefficient, resulting in the potential for security teams to miss remediation on higher priority vulnerabilities making companies and consumers vulnerable.

Crowdsourced testing is a creative way to utilize the talent of a global network of ethical hackers in today’s resource-strained reality – there are 3.5 million unfilled cybersecurity jobs expected by 2021 according to Cybersecurity Ventures.

Synack has just launched the industry’s first cybersecurity platform ‘SmartScan’   to integrate crowdsourced human intelligence augmented with artificial intelligence to help security teams work smarter, not harder, to protect digital assets continuously and at scale. The impact? Intelligence that helps security teams find and fix vulnerabilities faster and build more secure code.

“While humans can’t scale, machines can’t think. More than 80% of the vulnerabilities that our Synack Red Team find in our clients’ assets aren’t detected by a scanner. We will always need the creativity of human intelligence. But to scale at the pace of the threats, we need to automate wherever possible and keep building technology to test ‘smarter’,” Dr. Mark Kuhr, Synack CTO and co-founder said.

Synack’s industry-leading cybersecurity Platform 2.0 delivers a smarter, more efficient security test through the use of smart platform technology and new product, SmartScan. Together, the platform’s new features and advanced technology seamlessly orchestrate the optimal combination of human and machine intelligence for more effective, efficient security on a 24/7/365 basis.

SmartScan helps security teams increase their attack surface coverage and gain new insight by continuously scanning for suspected vulnerabilities and engaging the company’s crowdsourced network of ethical hackers to validate them.

The augmented intelligence offered by Synack’s “smart” Crowdsourced Security Platform, if applied to all penetration testing, would add 4x more efficiency to security teams.

Additional benefits of Synack’s Crowdsourced Security Platform to security teams include:

  • Noise Reduction: 99.98% of total noise is reduced by leveraging Synack SmartScan in combination with Synack Red Team crowdsourced vulnerability triage and patch verification services.
  • Higher Value: The latest version of Synack’s platform with augmented intelligence increases the ROI of Synack’s original offering by over 50%. Customers will see a 159% ROI with the Synack Crowdsourced Security Platform in comparison to a traditional penetration test. And if comparing the Synack platform to a traditional scanner, they will get a 262% ROI. If deployed universally across application security testing, SmartScan would add ~$3B in security value back to the market.

In addition to SmartScan, Synack’s Crowdsourced Security Platform 2.0 includes other new and enhanced features; Apollo, a machine learning and automation engine that optimizes the integration of humans and technology, superior analytics and reporting, and LaunchPoint, a secure testing gateway with added researcher endpoint control and enhanced workspaces to support privacy for highly regulated environments.

Synack Red Team researchers said they were “happy with the [LaunchPoint] concept”, “a fan of the increased bandwidth”, and could “definitely see myself using this a lot” in response to Synack launching the only crowdsourced security testing with endpoint control baked into the platform.

(Image Courtesy: www.information-age.com)

Leave a Comment

Your email address will not be published.

You may also like