Synack integrates crowdsourced human intelligence and AI for “smart” security testing

The debate on how we should best use Artificial Intelligence is ongoing, but no one can argue against its benefits when used to augment human work. Take self-driving cars: when Artificial Intelligence is used alongside humans, it provides features like improved safety and predictive driving.

The same is true in cybersecurity; we will always need the creativity of human intelligence to beat the human adversary. However, we can also augment those humans with smart technology to help make them more effective, cover a wider attack surface, and speed up their time to find and fix vulnerabilities.

Synack, the trusted leader in crowdsourced security, has just launched the industry’s first cybersecurity platform to integrate crowdsourced human intelligence augmented with artificial intelligence to help security teams work smarter, not harder, to protect digital assets continuously and at scale.

The impact? Intelligence that helps security teams find and fix vulnerabilities faster and build more secure code.

“While humans can’t scale, machines can’t think. More than 80% of the vulnerabilities that our Synack Red Team find in our clients’ assets aren’t detected by a scanner. We will always need the creativity of human intelligence. But to scale at the pace of the threats, we need to automate wherever possible and keep building technology to test ‘smarter’,” Dr. Mark Kuhr, Synack CTO and co-founder said.

Synack’s industry-leading cybersecurity Platform 2.0 delivers a smarter, more efficient security test through the use of smart platform technology and new product, SmartScan. Together, the platform’s new features and advanced technology seamlessly orchestrate the optimal combination of human and machine intelligence for more effective, efficient security on a 24/7/365 basis.

SmartScan helps security teams increase their attack surface coverage and gain new insight by continuously scanning for suspected vulnerabilities and engaging the company’s crowdsourced network of ethical hackers to validate them.

The augmented intelligence offered by Synack’s “smart” Crowdsourced Security Platform, if applied to all penetration testing, would add 4x more efficiency to security teams.

Additional benefits of Synack’s Crowdsourced Security Platform to security teams include:

• Noise Reduction: 99.98% of total noise is reduced by leveraging Synack SmartScan in combination with Synack Red Team crowdsourced vulnerability triage and patch verification services.
• Higher Value: The latest version of Synack’s platform with augmented intelligence increases the ROI of Synack’s original offering by over 50%. Customers will see a 159% ROI with the Synack Crowdsourced Security Platform in comparison to a traditional penetration test. And if comparing the Synack platform to a traditional scanner, they will get a 262% ROI. If deployed universally across application security testing, SmartScan would add ~$3B in security value back to the market.

In addition to SmartScan, Synack’s Crowdsourced Security Platform 2.0 includes other new and enhanced features; Apollo, a machine learning and automation engine that optimizes the integration of humans and technology, superior analytics and reporting, and LaunchPoint+, a secure testing gateway with added researcher endpoint control and enhanced workspaces to support privacy for highly regulated environments.

Synack Red Team researchers said they were “happy with the [LaunchPoint+] concept”, “a fan of the increased bandwidth”, and could “definitely see myself using this a lot” in response to Synack launching the only crowdsourced security testing with endpoint control baked into the platform.