As businesses rapidly adopt generative artificial intelligence (GenAI) and integrate it into both their employee workflows and customer-facing applications, a concerning trend has emerged: the potential security risks associated with its use. Companies are finally beginning to wake up to these concerns, but they must take proactive steps to mitigate them.
The Risks of GenAI Security
Prompt Security, an Israel-based company founded by Itamar Golan and Lior Drihem, is addressing this pressing issue. With a $5 million seed round led by Hetz Ventures, Four Rivers, and several angel investors, including CISOs at Airbnb, Elastic, and Dolby, Prompt Security aims to help organizations safeguard their GenAI usage.
Founding Story
Golan and Drihem, both previously working at Check Point and Orca Security, respectively, had been waiting for the right moment to launch a company focused on AI and security. Five years ago, they recognized that the market was not mature enough, but about 18 months ago, their team at Orca started exploring an AI-based remediation feature.
The Genesis of Prompt Security
This project sparked the idea for Prompt Security, as Golan explained: "We saw different backdoors we were leaving through development and said, ‘There’s a new attack surface due to these new architectures and frameworks.’ Things like prompt injection are suddenly impossible." The founders realized that GenAI was opening up a new market, and they decided to capitalize on it.
The Problem of Uninformed CISOs
Golan emphasized the issue of uninformed Chief Information Security Officers (CISOs): "Many CISOs don’t have a good understanding of which tools their users are accessing from within their networks." This lack of visibility creates opportunities for employees to share sensitive information with GenAI services, potentially exposing companies to regulatory issues.
Prompt Security’s Solution
To address this issue, Prompt Security offers a browser extension and IDE plugin that automatically detect patterns related to GenAI usage and enforce policies on top of that. The company claims that its solution introduces minimal latency to the user experience.
The Attack Surface of GenAI Applications
On the application side, Golan noted that GenAI chat apps expose a new attack surface through prompt injections and jailbreaks: "An attacker could run unauthorized code inside a company’s network." This is why Prompt Security aims to build an entire platform covering various aspects of GenAI usage.
A One-Stop Solution for GenAI Security
"We’re trying to build a one-stop solution for GenAI security," Golan stated. "We cover both employee usage and application security side."
The Rapid Evolution of GenAI Security Awareness
Golan revealed that, only a few months ago, many CISOs were either unaware or unconcerned about GenAI security issues. However, as shadow AI usage increases, awareness is growing rapidly.
Expansion Plans
Prompt Security’s founders are committed to continuously improving their solution and expanding its capabilities: "We’re building an entire platform that will cover all aspects of GenAI usage."
Conclusion
As businesses accelerate the adoption of GenAI, it is essential for them to consider the associated security risks. Prompt Security is taking a proactive approach to address these concerns and provide a comprehensive solution for organizations. By understanding and mitigating the potential vulnerabilities of GenAI, companies can ensure that they are leveraging this powerful technology responsibly.
Related News
