Transforming Traditional Penetration Testing into a Crowdsourced Security Platform by Utilizing Augmented Intelligence (AI) to Discover and Secure Vulnerable Applications

Bajram Hoxha, founder of Davos Network tells us about managed security services.

First of all, how are you and your family doing in these COVID-19 times?

Bajram Hoxha: Thank you for asking. Despite the challenges, we have been doing well, which makes me tremendously grateful. I used this time to spend more time with family, which is good in many ways as well.

These are difficult times for everyone, and I don’t think it would be right in any way to minimize that. Instead, I am adapting and doing my best to use what’s within my power to help make the world a better place.

Tell us about you, your career, and how you founded Davos Network.

Bajram Hoxha: I was born and raised in Kosovo. I moved to the United States to complete my studies, and after school worked for several years in Silicon Valley. Later, I moved to Switzerland to join my family.

I was just eight years old when the Kosovo War (1998-1999) happened and memories are still fresh to me today of a child Dreaming for Freedom.

This experience has taught me a great lesson: not to take an opportunity — or even life — for granted. Since then, this has served me a great deal to always follow my passion for utilizing technology to make an impact on society.

Today, the world is more technologically reliant than ever before and there is no sign that this trend will slow. We are putting advanced software such as (AI) everywhere. This is changing the way we live, and how we behave and interact with the world around us. As technology becomes more and more deeply integrated into our lives, we become more and more dependent on it. But this dependence makes us vulnerable if technology fails.

While I have a generally positive view of advanced software, I’m worried about our future. Cyber Threats are increasing at a fast pace, driven by digital transformation and the current global pandemic. The consequences of Cyber attacks are big, causing electrical blackouts, failure of military equipment, and breaches of national security secrets.

Motivated by the chance to make an impact on this domain, I started my venture Davos Networks to help enterprises and organizations find security problems before they become business problems.

How does Davos Network innovate?

Bajram Hoxha: Currently, 73% of security breaches occur at the application layer, making identifying vulnerabilities a top priority for organizations worldwide. Many organizations now depend on the rapid release of critical applications to remain competitive.

Despite new advancements with the enablement of AI, current solutions in the market have limitations such as:

● Automation tools are not capable of fully understanding web applications due to the increasing complexity of the web stack, not able to detect vulnerabilities that aren’t low hanging fruit (such as XSS or SQLi). This leads to generated reports with large numbers of false positives.

● You can only use automated penetration testing “inside” the network. Most exposed company infrastructure is web-based, and automated security testing tools don’t understand these, there is still a need for human testers for testing from the outside.

We offer a cutting edge solution that transforms traditional penetration testing into a crowdsourced security platform by utilizing Augmented Intelligence (AI) to discover and secure vulnerable applications. While our goal is to shift towards a more autonomous solution, we still enable the human element (pen-testers) when it is not possible for the machine learning algorithms to fully complete their task. Thus, we have 10% of the most complicated tasks that need bypassing or complex business functionality which will be shifted to a crowd of ethical hackers.

How does the coronavirus pandemic affect your business finances?

Bajram Hoxha: We started our business in January last year, right a few months before the global Covid-19 pandemic wave started spreading at a fast pace, and we were not sure how it would affect our business and the market.

As the COVID-19 pandemic spread across the globe, and many people shifted to work remotely, the risk for cyber-enabled fraud exploded in unparalleled scale and scope. This brought security and IT teams subject to new and heightened demands, supply-to-demand volatility, and escalating psychological stress. Meanwhile, this was an opportunity for security providers like us to enable creativity and think on a bigger scale to innovate new solutions with the hacker-mindset, which means higher ROI to our customers. Enabling such innovative approaches to our solution allowed us to generate new revenue streams which have been instrumental for us to stay afloat during these tough times.

Did you have to make difficult choices regarding human resources and what are the lessons learned?

Bajram Hoxha: As a relatively young company, we were able to maintain the core value of our company. Besides, during this period, I have learned that as a business you must be agile and can pivot.

How did your customer relationship management evolve? Do you use any specific tools to be efficient?

Bajram Hoxha: We must embrace a customer-first mindset to succeed. Despite social distancing measures, we found ways to grow closer to customers throughout 2020.

As for the tools, we are fortunate that pre-lockdown we were already using Zoom and Slack. We utilized such tools to build new business partnerships which led to us being accepted into several prestigious programs, amongst others Tech4Trust, a leading Swiss accelerator program in the field of cybersecurity and digital trust.

Did you benefit from any government grants, and did that help keep your business afloat?

Bajram Hoxha: We were supported financially by the Canton of Bern where we are currently located according to the size of our company, which we are grateful for.

However, it is worth noting that the Swiss start-up ecosystem is built in such a way that most of the grants are for start-ups that are university spin-offs. Because we initially didn’t have any collaboration with academia, it was a big challenge for us to qualify for other grants that operate under this scheme.

This is one of the areas where we see room for improvement. Hopefully, policymakers in Switzerland take action in the future to solve this issue of paramount importance.

Your final thoughts?

Bajram Hoxha: “There are risks and costs to action. But they are far less than the long-range risks of comfortable inaction.”

Your website?

https://www.davosnetworks.com