Startups Scramble to Build Immediate AI Security

It also elevated startups working on machine learning security operations, AppSec remediation, and adding privacy to AI with fully homomorphic encryption.
AI's largest attack surface involves its foundational models, such as Meta's Llama, or those produced by giants like Nvidia, OpenAI, Microsoft, etc.
The overwhelming majority of today's machine learning development involves reusing these foundational models.
At least at the moment, building bespoke models from scratch has proven too expensive.
Instead, engineers tune foundational models, train them on additional data, and blend these models into traditional software development.
Foundational models have all the existing vulnerabilities of the software supply chain, plus AI's new mathematical threats.
One can change even a single pixel in an image and induce different model outputs.
Despite patching, there will always be ways to change inputs to attack foundational models.
It's not easy to patch all the known vulnerabilities in a model.
Thousands of academic papers describe adversarial AI attacks on deployed production models, as does the MITRE Atlas framework.
Adversarial AI wielded against models in production environments has caught the public's attention.
Consider that potential victims may throttle model queries so low that there aren't enough interactions for the attacks in MITRE Atlas to even work.
It secures bespoke model development and training data, and analyzes foundational models for vulnerabilities.
A further debate is driven by Adversa AI and Calypso AI, which are both skeptical that foundational models can ever be secured.
Adversa AI automates foundational model pen testing and validation, along with red-team services.
Calypso AI focuses on scoring vulnerabilities at the point of model prompts and their responses, either logging or blocking.

Startups Got Realistic About Fully Homomorphic Encryption

FHE is quite different than the all-or-nothing encryption of old.
Data protected with FHE can, while still encrypted, be productively used by many ML algorithms, neural networks, and even large language models.
Two smaller FHE startups also received strategic investments in 2023.
Only a small number of innovators at early growth startups have coherent visions of AI security.


This Cyber News was published on www.darkreading.com. Publication date: Tue, 02 Jan 2024 15:05:25 +0000

