Analysis of the foundations, ethics and social impact of AI in a general elementary school
DOI:
https://doi.org/10.71068/tgqmvg81Keywords:
Virtual sandbox, pentesting test, cybersecurity, malware analysis, SMEsAbstract
The article presented the results of an applied technological research focused on the design, implementation, and evaluation of a virtual sandbox architecture with pentesting tools, aimed at identifying vulnerabilities in mobile applications and websites of small and medium-sized enterprises (SMEs). Given the increasing risk of cyberattacks and the limited capacity of these organizations to adopt advanced security solutions, a controlled testing environment was developed, integrating open-source tools such as REMnux, OpenVAS, OWASP ZAP, and MobSF. The study adopted a qualitative descriptive and exploratory approach, complemented by quantitative techniques through structured surveys conducted with 17 companies and semi-structured interviews with experts. The methodology was divided into three phases: selection and evaluation of tools, proof-of-concept testing in virtual environments, and development of an operational guide. The results demonstrated that the sandbox environment was effective in detecting malware and vulnerabilities, allowing for both static and dynamic threat analysis and strengthening the digital resilience of SMEs. Key benefits identified included risk reduction, increased awareness of cybersecurity, and the implementation of viable and scalable solutions without requiring significant investments. It was concluded that the proposed technology was functional, replicable, and adaptable, representing an effective alternative to enhancing cybersecurity in resource-constrained business contexts. Finally, technical recommendations and future research directions were established, focusing on automated threat detection and security in IoT and cloud environments.
References
Arias, F. G. (2012). El proyecto de investigación. Introducción a la metodología científica. 6ta. Fidias G. Arias Odón. https://acortar.link/YdzwnY
CVE-Mitre. (2025). CVE - Lucha Contra el Extremismo Viral. https://cve.mitre.org/
Díaz, C., Ariza, E., & Ruiz, M. (2023). La Ciberseguridad en las PYMES [Tesis de Especialización, Escuela de Administración de Negocios]. https://scholar.google.es/scholar?hl=es&as_sdt=0%2C5&q=ciberseguridad+pymes&btnG=
Fernández, D., & Martínez, G. (2018). Ciberseguridad, Ciberespacio y Ciberdelincuencia (pp. 1-236). Thomson Reuters Aranzadi. https://udimundus.udima.es/handle/20.500.12226/84
Fortra. (2025). Fortra | Soluciones de software de Ciberseguridad. https://www.fortra.com/es
Gaitán, S. (2019). Riesgos del uso de dispositivos móviles en seguridad de la información de las PYMES. Universidad Piloto de Colombia. http://repository.unipiloto.edu.co/handle/20.500.12277/6472
Gordón, D., & Pacheco, R. (2018). Análisis de Estrategias de Gestión de Seguridad Informática con Base en la Metodología Open Source Security Testing Methodology Manual (OSSTMM) para la Intranet de una Institución de Educación Superior. ReCIBE. Revista electrónica de Computación, Informática, Biomédica y Electrónica, 7(1), 1-21.
Hernández, R., Fernández, C., & Baptista, P. (2014). Metodología de la Investigación. McGraw Hill Education.
Ospina, M., & Sanabria, P. (2020). Desafíos nacionales frente a la ciberseguridad en el escenario global: Un análisis para Colombia. Revista Criminalidad, 62(2), 199-217.
Ovallos, J., Rico, D., & Medina, Y. (2020). Guía práctica para el análisis de vulnerabilidades de un entorno cliente-servidor GNU/Linux mediante una metodología de pentesting. Revista Ibérica de Sistemas e Tecnologias de Informação, 335-350.
Rueda, A. (2017, mayo 16). Diseño de un Pentesting para una Aplicación Web Basado en la Metodología OWASP V.4. Gestiopolis. https://www.gestiopolis.com/diseno-pentesting-una-aplicacion-web-basado-la-metodologia-owasp-v-4/
Smith, K., & Forman, S. (2014). Bring your own device: Challenges and solutions for the mobile workplace. Employment Relations Today, 67-73.
Vanegas, A. (2019). Pentesting, ¿porque es importante para las empresas? Universidad Piloto de Colombia. http://repository.unipiloto.edu.co/handle/20.500.12277/6286
Weidman, G. (2014). Penetration Testing: A Hands-On Introduction to Hacking. No Starch Press.
Wright, W., Schroh, D., Proulx, P., Skaburskis, A., & Cort, B. (2006). The Sandbox for analysis: Concepts and methods. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 801-810. https://doi.org/10.1145/1124772.1124890
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Hernando Alexander Cachaya Moreno, Hildebrando Castañeda Rincón, Luis Edilson Torres Roncancio, Johemir Jesús Pérez Pertuz (Autor/a)
This work is licensed under a Creative Commons Attribution 4.0 International License.
Los artículos publicados en la revista se distribuyen bajo la licencia Creative Commons Atribución 4.0 Internacional (CC BY 4.0). Esta licencia permite a terceros descargar, copiar, distribuir, adaptar y reutilizar una obra, incluso con fines comerciales, siempre que se otorgue el crédito adecuado al autor original.
