AI is everywhere. It writes poems, flips pancakes on smart fridges, and pretends to be your dog’s inner voice on social media. The hype is real – and occasionally ridiculous.
And because it’s everywhere anyhow – affecting our lives both positively and negatively – we believe it’s something every tech-oriented business will need to consider going forward. Our use case (applying AI in cybersecurity directly at the workbench), thankfully, is more useful than most of the aforementioned.
HydraVision, our Security Test Environment, has taken a major step forward. With the integration of a new extension called CoPilot, we’ve embedded Large Language Model (LLM) capabilities directly into your security workflows – enhancing test creation and reporting.
Curious what that looks like in practice? Let’s dive in or contact us directly!
Key Use Cases: What You Can Do Now
The extension itself is basically a powerful, telemetry-free extension for Visual Studio Code. Thanks to its compatibility with OpenAI, Claude, Gemini, DeepSeek, and even self-hosted LLMs, CoPilot enhances HydraVision with intelligent support – directly inside the developer environment you already use.
- Test Case Creation: LLMs help generate test logic from specifications, documentation, or natural-language input. This accelerates the initial setup, reduces repetitive coding, and supports the exploration of edge cases and malformed inputs—especially valuable in fuzzing scenarios or when onboarding new security functions.
- Reporting & Documentation: While test data is generated automatically, AI accelerates the delivery of tailored reports by adjusting content depth and tone for different audiences – whether developers or decision-makers. This enables faster, clearer communication and significantly reduces post-processing time.
Bring Your Own Model: Full AI Flexibility
HydraVision’s CoPilot works with any provider that supports OpenAI-compatible protocols. Whether you use commercial cloud models or deploy your own LLMs internally, the system can be configured to fit your environment – without locking you in. This is particularly valuable for organizations with strict compliance, data residency, or air-gapped infrastructure requirements. Supported environments include:
- OpenAI (GPT-4o, GPT-4, GPT-3.5 via API key)
- Azure OpenAI (enterprise-grade security & authentication)
- Anthropic (Claude models)
- Google Gemini (via API)
- GitHub Copilot (built-in VS Code auth)
- Self-hosted models via Ollama, LM Studio, or similar (e.g. LLaMA, Mistral, CodeLlama, Falcon)
- OpenRouter and Together for access to multiple open-source providers
Human in the Loop — By Design
HydraVision’s AI extension is designed to support experts, not replace them. Your penetration testers remain in control of the test logic, attack surface strategy, and system analysis. The LLMs simply reduce the repetitive parts – accelerating common tasks without automating critical judgment.
This lets your team focus on complex vulnerabilities, creative attack scenarios, and high-priority reviews – where human expertise is essential.
Get Your Security Testing Process AI-ready with HydraVision
Whether you’re testing automotive ECU or embedded devices, HydraVision with CoPilot delivers:
- Faster test case creation
- Simplified configuration workflows
- More consistent and efficient reporting
- Freedom to use the LLMs that meet your policies
From technical implementation to stakeholder-ready output, HydraVision now offers a smarter, more flexible and faster path through the entire testing lifecycle. It’s a practical foundation for AI security testing, enabling teams to automate intelligently while keeping full control. By embracing LLM in security testing, HydraVision helps organizations bridge the gap between efficiency and expertise.
Measurable Impact: 80% Less Grind, 100% in Your Control
With the CoPilot extension, HydraVision users have been able to accelerate test case creation by up to 80% – offloading boilerplate code, repetitive patterns, and log-based logic to the machine. LLMs handle the groundwork, from generating test structures to reworking known variants for fuzzing. The remaining 20% still benefits from human judgment – and that’s exactly where your experts add the most value.
We also observed substantial gains in reporting quality: logs and metadata from test executions are now transformed into clear, well-structured summaries, significantly reducing the need for manual formatting and revision.
The result? Faster turnarounds, higher consistency, and more time for your team to focus on what really matters. These improvements not only boost efficiency but also strengthen your operational foundation for leveraging AI in cybersecurity at scale.
AI Compatibility Overview
| Provider | Models | Special Features |
| OpenAI | GPT-4o, GPT-4, GPT-3.5, o1, o3, o4-mini | Function calling, code generation |
| Anthropic | Claude 3.5 Sonnet, Claude Opus 4 | Large context, advanced reasoning |
| Gemini 2.5 Pro, Gemini 2.0 Flash | Multimodal, grounded search | |
| GitHub Copilot | GPT-4o, Claude Sonnet 4, Gemini 2.5 Pro | Built-in VS Code auth |
| DeepSeek | DeepSeek R1, DeepSeek Reasoner | Template-aware reasoning |
| Azure OpenAI | GPT-4o, GPT-4, o1 | Enterprise-grade access |
| Ollama | LLaMA, Qwen, Mistral, CodeLlama | Private/self-hosted models |
| Grok | LLaMA, Mistral, Gemma | Ultra-fast inference |
| Perplexity | LLaMA, Mistral | Web-enhanced answers |
| xAI | Grok models | Real-time context |
| Mistral | Mistral Large, Codestral | Code-specialized LLMs |
| Together | Multiple open-source models | Community-driven |
| OpenRouter | 200+ models | Unified provider access |
Do you have questions or need support?
We’re here to help! Contact us with any questions about our HydraVision Security Test Environment or our penetration testing services for ECUs, vehicle networks, and embedded systems.
Skillpoints to spend? Check out our Cybersecurity Workshops and ScapyCon, our annual conference for cybersecurity aficionados!