{"id":193592,"date":"2026-03-06T12:47:00","date_gmt":"2026-03-06T17:47:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/06\/phd-student-goes-from-hackademic-to-funded-founder-with-cybersecurity-solutions\/"},"modified":"2026-03-07T04:35:15","modified_gmt":"2026-03-07T09:35:15","slug":"phd-student-goes-from-hackademic-to-funded-founder-with-cybersecurity-solutions","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/06\/phd-student-goes-from-hackademic-to-funded-founder-with-cybersecurity-solutions\/","title":{"rendered":"PhD student goes from ‘hackademic’ to funded founder with cybersecurity solutions"},"content":{"rendered":"

PhD student goes from ‘hackademic’ to funded founder with cybersecurity solutions<\/a><\/p>\n

https:\/\/news.asu.edu\/20260306-science-and-technology-asu-hackademic-funded-cybersecurity-startup-founder<\/a><\/p>\n

Publish Date: 2026-03-06 12:47:00<\/a><\/p>\n

Source Domain: news.asu.edu<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points.
\n Every morning, computer security engineers slide behind their desks, open their dashboards and brace for impact.A thousand warnings. Red flags stacked on red flags. Automated scanners screaming about code injections, memory corruptions and compliance violations. Somewhere in that digital haystack is a needle \u2014 a real, exploitable vulnerability. But good luck finding it before a hacker does.The tragedy of modern cybersecurity isn\u2019t that we can\u2019t find bugs. It\u2019s that we find too many.\u201cOut of those 1,000 issues, there are only about 50 that are really important for you to fix,\u201d Wil Gibbs says. \u201cBut the problem with having 1,000 warnings is that you don\u2019t know where to start.\u201dGibbs is a computer science doctoral student specializing in cybersecurity in the School of Computing and Augmented Intelligence, part of the Ira A. Fulton Schools of Engineering at Arizona State University. He also earned his bachelor\u2019s degree in computer science at ASU and now works with Associate Professor Adam Doup\u00e9 in the Center for Cybersecurity and Trusted Foundations. Gibbs says he\u2019s done watching engineers chase ghosts.After spending two years building artificial intelligence systems that find and fix software bugs as part of a competitive cybersecurity team, he\u2019s now the CEO of a startup called Artiphishell, and he\u2019s betting $1.5 million that he can turn academic cyber-wizardry into something enterprises will actually use.<\/p>\n

Wil Gibbs holds the Shellphish team trophy awarded at the U.S. Defense Advanced Research Projects Agency’s AI Cyber Challenge at the DEF CON 33 event held in August 2025 in Las Vegas. Gibbs co-led a team that received $2 million in prize money to fund their efforts during the competition. Photo by Kelly deVos\/ASU<\/p>\n

Born in VegasTo understand Artiphishell, you have to start under the fluorescent lights of DEF CON in Las Vegas, where 30,000 hackers gather annually to probe systems, uncover weaknesses and make technology more secure.There, Gibbs co-led the 25-person Shellphish team that competed in the AI Cyber Challenge, a moonshot program backed by the U.S. Defense Advanced Research Projects Agency, or DARPA, to build AI systems that can automatically find and fix vulnerabilities in open-source software. The stakes were national: rising cybercrime; more than 3.5 million unfilled cybersecurity jobs worldwide; and open-source code, which can be exploited by hackers, underpinning everything from hospitals to power grids.Shellphish built an AI-based system called Artiphishell that can analyze software, identify security flaws, patch them and retest the system. The team took home $2 million in prize money and proved something radical: AI can meaningfully assist vulnerability research if it is engineered carefully.But Gibbs saw a drawback.\u201cThe problem, almost, is that the AI is too exciting,\u201d he says. \u201cMany people hear AI and then instantly say, \u2018I\u2019m in. Let\u2019s do it.\u2019\u201dAfter two years in the trenches, Gibbs knew better. Large language models can sound confident and look correct even when they\u2019re wrong. In cybersecurity, those kinds of mistakes can lead to a breach, resulting in lost data and dollars.\u201cIf you\u2019re not really paying attention when going through the results, you\u2019ll think it is correct up until the point that you have a problem,\u201d Gibbs says. \u201cAnd then you ask, \u2018Where did this all go wrong?\u2019\u201d<\/p>\n

Wil Gibbs (right) speaks with Artiphishell co-founder Lukas Dresel onstage at DEF CON 33, where the pair presented the technical underpinnings of their work to an audience of cybersecurity experts and enthusiasts. Photo by Kelly deVos\/ASU<\/p>\n

Cut the noiseThat question set the stage for something new. So Gibbs and several teammates spun out a company.Artiphishell doesn\u2019t try to replace the bug-finding tools enterprises already use. Those automated scanners are everywhere, and they work. The real problem is triage. To meet compliance requirements, companies run static analysis tools that generate thousands, or sometimes tens of thousands, of alerts. Most aren\u2019t critical. Some aren\u2019t even exploitable.Artiphishell ingests that flood of reports and pressure-tests them. Instead of hunting for new bugs, the system analyzes existing warnings, determines whether vulnerable code is actually reachable by hackers, attempts to reproduce the flaw and, if successful, generates a patch. If it can\u2019t reproduce the issue, it gets deprioritized.\u201cDuring a test of 1,000 warnings, we were able to trigger and reproduce about 50 of them that represented real vulnerabilities,\u201d Gibbs says. \u201cSo instead of spending thousands of hours sorting through every warning, you spend 10 minutes reviewing the ones that actually matter.\u201dArtiphishell\u2019s differentiator is evidence, providing reproducible results that security teams can verify themselves.\u201cWe give you a concrete value or report that you can then run yourself to reproduce results and be confident in them,\u201d Gibbs says.The pitch has resonated. The company raised roughly $1.5 million in initial funding as Gibbs prepares to graduate and run the business full-time.Making security spending pay offOne of the ironies of cybersecurity is that success is invisible. If a company\u2019s data defense is good, then nothing happens, and executives struggle to justify the cost. If they underinvest and suffer a breach, the consequences are public and brutal.Gibbs believes that Artiphishell can flip that equation by giving back developer time. Instead of sifting through noise, engineers can focus on architecture, innovation and proactive defense.By the end of this year, Gibbs hopes to raise a larger round of venture capital funding to help the company scale up. New products are slated for release within the next 12 months. The long-term vision is to build an AI-augmented security workflow grounded not in hype, but in proof.Doup\u00e9 says Gibbs combines deep technical rigor with a builder\u2019s instinct.\u201cWil has demonstrated outstanding leadership and research skills throughout his time at ASU,\u201d Doup\u00e9 says. \u201cHe\u2019s leveraging these skills to start the entrepreneurial journey, and I\u2019m confident that he and the team will succeed.\u201dBack at DEF CON, under the neon glow, the Shellphish team once bet big and won. Now Gibbs is making a different wager \u2014 that careful, evidence-based AI can cut through cybersecurity\u2019s thousand-warning mornings.Because in a world where everything runs on code, the real jackpot isn\u2019t prize money.It\u2019s knowing which 50 security flaws matter before someone else does.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

PhD student goes from ‘hackademic’ to funded founder with cybersecurity solutions https:\/\/news.asu.edu\/20260306-science-and-technology-asu-hackademic-funded-cybersecurity-startup-founder Publish Date: 2026-03-06…<\/p>\n","protected":false},"author":1,"featured_media":193593,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/news.asu.edu\/sites\/default\/files\/2026-03\/SCAI-Hackademic-Wil-Gibbs-2026-EG-7928-a%201920x1080.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,30,33,24,35,27],"class_list":["post-193592","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-breach","tag-computer-security","tag-cybersecurity","tag-hacker","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193592"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=193592"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193592\/revisions"}],"predecessor-version":[{"id":193594,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/193592\/revisions\/193594"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/193593"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=193592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=193592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=193592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}