AI at CyCognito
CyCognito has integrated AI to power robust and accurate attack surface discovery and testing. Discover what CyCognito AI can do for you and the AI techniques we use.
What You Can Do with CyCognito’s AI
Discover All of Your Assets
CyCognito’s asset discovery process starts with a single data point - the name of your organization - and then uses AI to crawl and understand financial databases, news sites and hundreds of websites.
Get Full Asset Context
CyCognito builds context around all of the assets it discovers. Our AI maps each asset to a business unit or brand, and adds details like the type of asset, underlying technology, related applications, and if there is potentially exposed customer data.
Classify Assets by Type or Risk
Assets can be easily organized by type or risk. Our AI classifies assets by examining their API call responses and types of data they store.
Ask Any Question
Want to see all of your ecommerce servers not protected by a WAF? Just ask: “Show me all ecommerce servers not protected by a WAF.” Our AI language processing allows you to ask almost any question about what you own and if it’s at risk without using a specialized query language.
Automatically Configure Tests
No more time consuming test configuration. Our AI understands the type of assets you own and automatically configures the test engine to run the proper test types with the right payloads.
Watch a 3-Minute Demo of the Cycognito Platform
In a short demo video see how the CyCognito platform uses nation-state-scale reconnaissance and offensive security techniques to close the gaps left by other security solutions including attack surface management products, vulnerability scanners, penetration testing, and security ratings services.
Can Humans Keep Up with Discovery?
Assuming a human could find all of the information the CyCognito platform does (up to fifty data points per asset, including IP address, name, type, owner, location, included technologies, related assets, known vulnerabilities, and threats), we estimate it would take at least one hour per asset on average for initial discovery and 30 minutes per asset to keep all of the asset metadata up to date.
So, one hour per asset, multiplied by a midsized attack surface of 5,000 assets, that's 5,000 hours, or over two work-years just for initial discovery. Spending 30 minutes per asset once per year to keep it up to date would add another 2,500 hours - over one additional work-year. On top of that, company attack surfaces fluctuate by +/- 10 percent monthly, adding even more hours of initial discovery per year for newly added assets. Lastly, the average attack surface size for an enterprise is 50,000 assets, not 5,000. That’s 30 work-years.
AI Techniques CyCognito Uses
CyCognito uses a number of AI techniques and technologies to create high-precision discovery and testing. Let’s look at some of them and how they are applied in the platform.
Bayesian Machine Learning (BML)
CyCognito uses BML to structure graph data models and test hypotheses around asset ownership and type.
Generative Pre-trained Transformers (GPT)
CyCognito uses GPT to summarize the relationship between organizations or entities and to create answers to user search queries.
Generative AI (GenAI)
CyCognito uses GPT-3.5/4 to summarize the relationship between organizations or entities, and to create answers to user search queries.
Graph-based AI (GraphAI)
CyCognito uses GraphAI to represent assets and their relationships to organizations, people, threats and other technologies.
Large Language Models (LLMs)
CyCognito uses LLMs for several tasks, including asset discovery, ownership attribution, data enrichment, and search.
Natural Language Processing (NLP)
CyCognito uses NLP to understand organizational structure by extracting information from business databases and websites, and then matching entities mentioned within. NLP has a significant performance advantage over LLMs - milliseconds vs. seconds - and is a better choice for large scale applications like attack surface discovery.
Interactive Demo
Accelerate your risk remediation
Getting results without disrupting business is essential for CIOs.
With the CyCognito platform, you can manage your risk confidently and intentionally to minimize your organization’s risk exposure. Learn about our revolutionary approach to external cyber risk management. Discover more about our solutions and how we help organizations identify, understand and master their risk in profound new ways.
