Brazilian companies suffered, on average, over 2,600 cyberattacks per week in early 2025, a 21% increase compared to the previous year, according to a survey by Check Point Research. In this scenario, the traditional ‘firefighting’ approach to digital security proves insufficient against the speed and sophistication of threats, many of which are amplified by artificial intelligence.
“The future of digital defense requires us to stop waiting for attacks to happen. The answer lies in offensive protection: thinking and acting like an attacker to find and fix vulnerabilities before they are exploited,” says Rodolfo Almeida, COO of ViperX, an offensive protection startup from Grupo Dfense.
From reaction to anticipation: the attacker mindset
Offensive protection involves simulating actions of a real attacker to identify vulnerabilities and block pathways before they are used. Techniques like red teaming and adversary emulation allow validation of technical and logical gaps, prioritizing fixes based on real risk.
The ‘ethical hacker’ philosophy, where professionals are hired to act ethically and in a controlled manner, is already adopted in countries like the U.S. and members of the European Union, as well as Brazilian initiatives such as the Central Bank’s actions and the Cyber Guardian exercise. “This approach goes beyond a simple annual checklist: it positions security as a strategic function of the organization,” explains the executive.
The recently enacted National Cybersecurity Strategy (E-Ciber) reinforces this need, elevating the topic to a state-level priority, with pillars of resilience and cooperation.
Artificial intelligence: accelerating offensive protection
AI should not be seen as an enemy but as an ally in the anticipation process. It connects scattered information, from cloud changes to leaked credentials, to indicate where an attack would likely begin.
According to Almeida, technology enhances offensive security in three areas:
- Mapping and prioritization– continuous scanning of the attack surface and highlighting the most critical gaps;
- Attack simulations– simulating realistic scenarios to test controls and quickly identify weaknesses;
- Accelerated remediation– suggesting and automating solutions to reduce rework and eliminate opportunities for criminals.
“With AI, we find open doors and can close them before they are crossed,” emphasizes the executive.
From isolated actions to continuous discipline
Almeida stresses that technology alone does not solve the problem. It is necessary to abandon the ‘one-off project’ model and adopt a continuous discipline of threat exposure management (Continuous Threat Exposure Management – CTEM).
The executive recommends that companies prioritize metrics reflecting real business impact, such as time-to-fix and the number of blocked attack paths, and adopt ongoing testing and training programs, along with knowledge-sharing with partners and ecosystem entities.
“Digital security is not just about protecting yourself but about building a more resilient digital future for everyone,” concludes Almeida.
