Every morning, computer security engineers slide behind their desks, open their dashboards and brace for impact.
A thousand warnings. Red flags stacked on red flags. Automated scanners screaming about code injections, memory corruptions and compliance violations. Somewhere in that digital haystack is a needle — a real, exploitable vulnerability. But good luck finding it before a hacker does.
The tragedy of modern cybersecurity isn’t that we can’t find bugs. It’s that we find too many.
“Out of those 1,000 issues, there are only about 50 that are really important for you to fix,” Wil Gibbs says. “But the problem with having 1,000 warnings is that you don’t know where to start.”
Gibbs is a computer science doctoral student specializing in cybersecurity in the School of Computing and Augmented Intelligence, part of the Ira A. Fulton Schools of Engineering at Arizona State University. He also earned his bachelor’s degree in computer science at ASU and now works with Associate Professor Adam Doupé in the Center for Cybersecurity and Trusted Foundations. Gibbs says he’s done watching engineers chase ghosts.
After spending two years building artificial intelligence, or AI, systems that find and fix software bugs as part of a competitive cybersecurity team, he’s now the CEO of a startup called Artiphishell, and he’s betting $1.5 million that he can turn academic cyber-wizardry into something enterprises will actually use.
Read the full story on Engineering News.