XBOW is an artificial intelligence platform designed to autonomously identify and exploit software vulnerabilities. It was founded by Oege de Moor and has rapidly gained prominence by outperforming human researchers on HackerOne, a leading bug bounty platform.
The system operates without human intervention, running continuous security tests and identifying a wide range of vulnerabilities, including remote code execution, SQL injection, XSS, SSRF, and more. It has demonstrated the ability to find and exploit vulnerabilities in 75% of web benchmarks, including advanced challenges like cryptographic CAPTCHA bypasses and Jenkins remote code execution. Still, all findings are reviewed by XBOW’s security team before submission to ensure accuracy and compliance with HackerOne’s policies.
Industry Impact and Funding
XBOW recently raised $75 million in a Series B funding round, bringing its total funding to $117 million. The round was led by Altimeter, with participation from Sequoia Capital and Nat Friedman.
XBOW’s success has sparked discussions about the role of AI in cybersecurity, with experts noting both its potential to accelerate vulnerability discovery and concerns about the volume of reports it generates.