Sybil

University of Toronto researchers built an AI worm that broke into ~75% of machines on a simulated 33-machine corporate network in one week, without human intervention. The worm adapted in real time by reading live vulnerability advisories and finding new exploits on its own. Patch one bug, and you stop a traditional worm. But as the researchers saw with AI-powered worms, they just find another bug. And another. This was a controlled environment. But the worm ran on open-weight models, which are available for anyone to download. The speed at which attackers weaponize lab demos, like this one, into live exploits has outpaced the speed at which most organizations can patch. Already, many organizations have unpatched known vulnerabilities and yet have avoided getting hacked into oblivion. Now, defenders might have to be right everywhere, all at once, to stop an AI-powered worm. The conventional response would be: just fix your software. But as RunSybil CEO Ari Herbert-Voss told Fortune, "Most organizations already have more vulnerabilities than they can realistically address," and “The challenge is knowing what actually matters for an attacker to gain control,” So how can security programs still operating at human-pace due to token budgets, time, and operational constraints fix their software while attackers are moving at machine speed? Enter Sybil. Sybil accelerates application security by continuously identifying and remediating threats at machine pace, as applications change. Leaders can finally see what's been tested, what's been found, and where the gaps are across their internal and external attack surface.

today’s best models continue to benefit from a well designed harness. Claude Code will take you far, it just might not be in the direction you want. we’ve solved this with Sybil and we’re hiring researchers and builders who unlock powerful capabilities from language models https://t.co/yIYl6xst2j 4/

Last week, we sat down and interviewed Sybil. You learned they prefer their coffee black and that they are a Scorpio moon. They never trust what's on the surface. However, Sybil's day job is a little different. Sybil is a system of agents that attacks applications the way a hacker would. They map the attack surface, uncovering exploits across endpoints, authentication flows, and business logic. Every finding they uncover is validated using a multi-agent system before it reaches your dashboard. Black-box first, no source code required. But that's just the beginning. Every action Sybil takes is logged, so you can query the agent activity to see exactly where and how it tested anything in your application, and read its reasoning at every step. Sybil also maintains a persistent model of each application's attack surface. Every engagement builds on the last. Schedule tests on a defined cadence or trigger them automatically based on code changes. Sybil already knows the application, so testing stays up to date without having to start from scratch.