SafetyDetectives spoke with Oleksandr Muzychuk, CEO at Abto Software, about vulnerabilities in software, the advantages of blockchain in the health industry, AI’s role in software development, and more.
Can you introduce yourself and talk about your role at Abto Software?
I’m both the CEO and founder of a custom software engineering company, Abto Software, started back in 2007. In brief, I’m accountable for managing business operations and setting strategic direction.
Around 2000, I was simultaneously working as a software developer and doing my PhD (Applied Mathematics), when I decided to participate in an interesting Postmaster Program at the Eindhoven University of Technology. While working as a research assistant, I learned to work with big Western enterprises, which helped me to understand what scientific programs in Ukraine were lacking, namely focus on practice.
That’s when I made the decision to return back home and start a company to continue consulting others – while still at the Eindhoven University, I started to work on our future website, thinking about our prospective. With my friends, Sviatoslav and Serhiy, co-founders of our company, we started to define our vision.
As all of us are engineers, we focused on moving towards complex, science- and technology-related projects. We strive to deliver transformative solutions, which combine both fields.
What makes Abto Software stand out in a crowded software development market?
We have a strong R&D department, which completed hundreds of R&D projects to design marketable products. Our teams successfully delivered unique solutions, for example, AI enabled bicycle and helmet detection, cashierless checkout, fruit counting, and many other tools.
What’s more, we have strong knowledge and experience in implementing artificial intelligence across domains. Our engineers are familiar with utilizing computer vision, machine and deep learning, NLP, OCR, and other advanced techniques.
At the very moment, we have 270 specialists on board, and about 10% have a Ph.D. or a Microsoft certification. We approach value-added projects which others can’t handle.
We worked with federal and mature international organizations, Fortune Global 200 companies among them. One day, we hope to become NASA partners as well.
What are some of the biggest security vulnerabilities that you see with custom software that most people may not know about?
Custom software offers flexibility and scalability but can also introduce various risks if not managed properly:
- Insecure authentication and authorization – custom software might have improperly implemented authentication and authorization mechanisms, which allows unauthorized access, causing significant business damage
- Weak encryption, leading to data breaches
- Insecure direct object references – with exposed database records and other internal objects, cybercriminals can easily gain unauthorized access
- Security misconfigurations (improperly configured security settings, default passwords, open ports)
- Inadequate logging and monitoring
- Insecure third-party component integration
With these security vulnerabilities in mind, we implement secure practices, no matter the project or domain. Secure methodologies, threat modeling, thorough testing and audits, and ongoing security patching are just some of those practices.
Of course, it’s a well-known aspect, but still worth mentioning – custom-designed software requires support. This includes regular updates and testing (penetration testing among others), which typically requires expertise and specialized testing tools.
However, that’s not all.
What’s also worth mentioning is the strong need to involve senior engineers which understand the context. They should be able to apply the basic security principles both during software development associated with code leaks, environment access, and more, and after product release (code vulnerability, logically incorrect solution design).
Last but not least, never underestimate software deployment (code delivery, production system hosting setup). The contribution of skilled SysOps and DevOps engineers should always be supplemented with appropriate security measures, from covering special questionnaires to conducting penetration testing.
What are the security advantages of using blockchain in the healthcare industry, as opposed to traditional software solutions?
Blockchain technology is a significant change moving towards adopting digitization in the healthcare industry. Blockchain’s distributed ledger technology might improve the secure transfer of confidential medical records, manage medical supply chains, and empower healthcare research to unlock genetic code.
Blockchain technology is implemented to facilitate the verified transmission of sensitive healthcare information – decentralized identity, smart contracts, and tamper-proof ledgers might be quite useful when talking about security. Yet still, there are various risks to consider, from cyberattacks to maintenance and speed.
The technology is known for being highly secured and there’s no involvement of external, third-party services. Still, many dangerous attacks, such as 51% attack, Sybil attack, and others are a major problem.
Other limitations of blockchain technology for mature healthcare providers:
- As most healthcare systems are distributed, blockchain maintenance might become very hectic – without a streamlined system, it is almost impossible to handle medical records across facilities.
- Blockchain speed is another big issue, especially with large networks, which means the confirmation takes ages, and sharing becomes slow.
What role do you see AI playing in the field of software development?
In the 21st century, we were introduced to the concept of automation, empowered by artificial intelligence. And today, quality data is the new oil.
Numerous established SaaS companies like Netflix, Amazon Prime, and YouTube are using artificial intelligence to cater to their users with tailored, valued-added services by using personalized recommendations and more. There’s been a great shift towards digital innovation across domains, particularly software development.
We at Abto Software are already actively leveraging the capabilities provided by computational advances. Some of our latest successful projects comprise an AI based jump recognition and analysis learning algorithm for the healthcare sector, a markerless, CV driven telemedicine application that enables digital physiotherapy, and our very own 3D body measurement technology, a prototype for scanning human bodies in real-time, which we are very proud of.
To date, we can sensibly facilitate requirement gathering, solution design, code generation, and quality assurance. I’d say the future looks bright with the ever-evolving technology available today.
What are some common misconceptions that you can clarify when it comes to developing software solutions for businesses?
To begin, in 2023, we faced inflated expectations and requirements speaking about artificial intelligence. Starting with business leaders who aimed to adopt the technology in processes where that wasn’t justified, ending with those who generated their RFP documents using ChatGPT.
Two more quite “classic” but still relevant problems:
- The lack of trust
The owner has a better understanding of both his business and market but typically doesn’t have IT expertise. In situations when clients don’t trust us with decisions we made – the decisions associated with tech aspects – we often have to proactively advocate our opinion to protect the client against doubtful resource allocation and, accordingly, undesirable results.
- Poor communication and collaboration
For successful software development, no matter the project, the owner and vendor must work very closely. Only under such conditions the client can receive desired quality and outcomes.