HiddenLayer in the News

Program includes research collaboration with the University at Buffalo

AUSTIN, Texas - April 9, 2024 - HiddenLayer, the leading security provider for artificial intelligence (AI) models and assets, today announced it has been selected by AFWERX for a STTR Phase II contract in the amount of $1.8MM focused on AI Detection & Response to address the most pressing challenges in the Department of the Air Force (DAF). The Air Force Research Laboratory and AFWERX have partnered to streamline the Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) process by accelerating the small business experience through faster proposal to award timelines, changing the pool of potential applicants by expanding opportunities to small business and eliminating bureaucratic overhead by continually implementing process improvement changes in contract execution. The DAF began offering the Open Topic SBIR/STTR program in 2018 which expanded the range of innovations the DAF funded and as of February 9, 2024, HiddenLayer began its journey to create and provide innovative capabilities that will strengthen the national defense of the United States of America.

“The opportunity to extend the use of our AISec Platform to secure the US Department of Defense’s most critical models, while also accelerating commercialization in the private sector, is a significant milestone for HiddenLayer,” said Chris "Tito" Sestito, Co-Founder and CEO of HiddenLayer. “We are honored to collaborate with AFWERX and researchers at the University at Buffalo to advance research on adversarial AI attack methods, further driving our mission to help enterprises protect their most valuable technology.”

The views expressed are those of the author and do not necessarily reflect the official policy or position of the Department of the Air Force, the Department of Defense, or the U.S. government.

About HiddenLayer

HiddenLayer is the leading provider of security for AI. Its security platform helps enterprises safeguard the machine learning models behind their most important products. HiddenLayer is the only company to offer turnkey security for AI that does not add unnecessary complexity to models and does not require access to raw data and algorithms. Founded by a team with deep roots in security and ML, HiddenLayer aims to protect enterprise’s AI from inference, bypass, extraction attacks, and model theft. The company is backed by a group of strategic investors, including M12, Microsoft's Venture Fund, Moore Strategic Ventures, Booz Allen Ventures, IBM Ventures, and Capital One Ventures.

About Air Force Research Laboratory (AFRL)

The Air Force Research Laboratory is the primary scientific research and development center for the Department of the Air Force. AFRL plays an integral role in leading the discovery, development, and integration of affordable warfighting technologies for our air, space and cyberspace force. With a workforce of more than 12,500 across nine technology areas and 40 other operations across the globe, AFRL provides a diverse portfolio of science and technology ranging from fundamental to advanced research and technology development. For more information, visit www.afresearchlab.com.

About AFWERX

As the innovation arm of the DAF and a directorate within the Air Force Research Laboratory, AFWERX brings cutting-edge American ingenuity from small businesses and start-ups to address the most pressing challenges of the DAF. AFWERX employs approximately 325 military, civilian and contractor personnel at six hubs and sites executing an annual $1.4 billion budget. Since 2019, AFWERX has executed 4,697 contracts worth more than $2.6 billion to strengthen the U.S. defense industrial base and drive faster technology transition to operational capability. For more information, visit: www.afwerx.com.

Contact

David Sack
SutherlandGold for HiddenLayer
hiddenlayer@sutherlandgold.com

Expanding AISec Platform to Facilitate Adoption of LLMs with Enterprise-Grade Security

AUSTIN, Texas - March 19, 2024 - HiddenLayer, the leading security provider for artificial intelligence (AI) models and assets, today announced the launch of its latest product: AI Detection & Response for Generative AI. The new capability comes as part of HiddenLayer’s award-winning platform, formerly known as MLDR, extending HiddenLayer’s end-to-end security to organizations deploying LLM-based applications.

HiddenLayer's AI Detection & Response for Generative AI provides a set of security controls that enable real-time monitoring, detection, and response to threats specific to LLMs. The system supports a majority of LLMs, including GPT-X, LlaMa, Mistral, and internally built LLMs out-of-the-box, and allows for the interception of traffic to and from LLM applications, offering the capability to block harmful transactions or generate alerts for security teams to take necessary actions. This ensures that LLM deployments can be managed securely, mitigating the risk of data leaks, malicious use, and other abuses.

“HiddenLayer's AI Detection & Response allows organizations to responsibly navigate the risks associated with Generative AI, facilitating safe adoption of AI across industries,” said Chris "Tito" Sestito, Co-Founder and CEO of HiddenLayer. “By empowering CISOs and security leaders to bring Generative AI technologies to their organizations with responsible controls, this launch stands as the latest step in our mission to help enterprises protect their most valuable technology.”

The launch comes on the heels of the release of HiddenLayer’s AI Threat Landscape Report, which found that AI adoption continues to accelerate without proper security measures. With 98% of surveyed companies considering at least some of their AI models crucial to their business success, and 77% identifying breaches to their AI in the past year, the need to protect and secure all forms of AI is clear. 

HiddenLayer’s AI Detection & Response fortifies organizations’ generative AI deployments against unauthorized access, infiltration attempts, and intellectual property theft - all while delivering real-time protection. The platform is automated, enabling it to recognize real-time attacks and respond to generative AI model breach attempts with speed, and can be easily deployed and integrated into existing MLOps frameworks and security tools in minutes, not days. Furthermore, the platform is scalable, providing clear reporting on detected threats, empowering security teams with insights into adversarial behavior.

Organizations leveraging HiddenLayer’s AI Detection & Response will see the following outcomes:

• Immediate and continuous real-time protection against cyber threats as outlined in 3rd party frameworks, including MITRE ATLAS and LLM OWASP.
• Unleashed innovation, enabling the quick deployment of models into production, while proactively mitigating cybersecurity risks in real-time as part of the MLOps Lifecycle, ensuring a secure and efficient workflow.
• Assistance in maintaining compliance as safeguards against threats that could result in regulatory issues.
• An organization empowered to safely and securely embrace modernization through the transformative capabilities of generative AI.

Learn more about HiddenLayer’s AI Detection & Response for Generative AI capability here.

About HiddenLayer

HiddenLayer is the leading provider of security for AI. Its security platform helps enterprises safeguard the machine learning models behind their most important products. HiddenLayer is the only company to offer turnkey security for AI that does not add unnecessary complexity to models and does not require access to raw data and algorithms. Founded by a team with deep roots in security and ML, HiddenLayer aims to protect enterprise’s AI from inference, bypass, extraction attacks, and model theft. The company is backed by a group of strategic investors, including M12, Microsoft's Venture Fund, Booz Allen Ventures, IBM Ventures, and Capital One Ventures.

Contact

David Sack
SutherlandGold for HiddenLayer
hiddenlayer@sutherlandgold.com

Survey of security leaders shows AI adoption is accelerating without proper security measures

AUSTIN, Texas - March 6, 2024 - HiddenLayer, the leading security provider for artificial intelligence (AI) models and assets, today released its inaugural AI Threat Landscape Report highlighting the pervasive use of AI and the risks involved in its deployment. Nearly all surveyed companies, 98%, consider at least some of their AI models crucial to their business success, and 77% identified breaches to their AI in the past year. Yet only 14% of IT leaders said their respective companies are planning and testing for adversarial attacks on AI models.

The report surveyed 150 IT security and data science leaders to shed light on the biggest vulnerabilities impacting AI today, their implications on commercial and federal organizations, and cutting-edge advancements in security controls for AI in all its forms. 

The survey uncovered AI’s widespread utilization by today’s businesses as companies have, on average, a staggering 1,689 AI models in production. In response, security for AI has become a priority, with 94% of IT leaders allocating budgets to secure their AI in 2024. Yet only 61% are highly confident in their allocation, and 92% are still developing a comprehensive plan for this emerging threat. These findings reveal the need for support in implementing security for AI.

“AI is the most vulnerable technology ever to be deployed in production systems,” said Chris "Tito" Sestito, Co-Founder and CEO of HiddenLayer. “The rapid emergence of AI has resulted in an unprecedented technological revolution, of which every organization in the world is affected. Our first-ever AI Threat Landscape Report reveals the breadth of risks to the world’s most important technology. HiddenLayer is proud to be on the front lines of research and guidance around these threats to help organizations navigate the security for AI landscape.”

Risks Involved with AI Use

Adversaries can leverage a variety of methods to utilize AI to their advantage. The most common risks of AI usage include:

• Manipulation to give biased, inaccurate, or harmful information. 
• Creation of harmful content, such as malware, phishing, and propaganda. 
• Development of deep fake images, audio, and video.
• Leveraged by malicious actors to provide access to dangerous or illegal information.

Common Types of Attacks on AI

There are three major types of attacks on AI:

• Adversarial Machine Learning Attacks target AI algorithms, aimed to alter AI’s behavior, evade AI-based detection, or steal the underlying technology. 
• Generative AI System Attacks threaten AI’s filters and restrictions, intended to generate content deemed harmful or illegal.
• Supply Chain Attacks attack ML artifacts and platforms with the intention of arbitrary code execution and delivery of traditional malware.

Challenges to Securing AI

While industries are reaping the benefits of increased efficiency and innovation thanks to AI, many organizations do not have proper security measures in place to ensure safe use. Some of the biggest challenges reported by organizations in securing their AI include:

• Shadow IT: 61% of IT leaders acknowledge shadow AI, solutions that are not officially known or under the control of the IT department, as a problem within their organizations.
• Third-Party AIs: 89% express concern about security vulnerabilities associated with integrating third-party AIs, and 75% believe third-party AI integrations pose a greater risk than existing threats.

Best Practices for Securing AI

HiddenLayer has outlined recommendations for organizations to begin securing their AI, including:

• Discovery and Asset Management: Begin by identifying where AI is already used in your organization. What applications has your organization already purchased that use AI or have AI-enabled features?
• Risk Assessment and Threat Modeling: Perform threat modeling to understand the potential vulnerabilities and attack vectors that could be exploited by malicious actors to complete your understanding of your organization’s AI risk exposure.
• Data Security and Privacy: Go beyond the typical implementation of encryption, access controls, and secure data storage practices to protect your AI model data. Evaluate and implement security solutions that are purpose-built to provide runtime protection for AI models.
• Model Robustness and Validation: Regularly assess the robustness of AI models against adversarial attacks. This involves pen-testing the model's response to various attacks, such as intentionally manipulated inputs.
• Secure Development Practices: Incorporate security into your AI development lifecycle. Train your data scientists, data engineers, and developers on the various attack vectors associated with AI.
• Continuous Monitoring and Incident Response: Implement continuous monitoring mechanisms to detect anomalies and potential security incidents in real-time for your AI, and develop a robust AI incident response plan to quickly and effectively address security breaches or anomalies.

HiddenLayer’s products and services accelerate the process of securing AI, with its AISec Platform providing a comprehensive AI security solution that ensures the integrity and safety of models throughout an organization's MLOps pipeline. HiddenLayer also provides its Machine Learning Detection & Response (MLDR), which enables organizations to automate and scale the protection of AI models and ensure their security in real-time, and its Model Scanner, which enables companies to evaluate the security and integrity of their ML artifacts before deploying them.

For more information, view the full report here. 

About HiddenLayer

HiddenLayer is the leading provider of security for AI. Its security platform helps enterprises safeguard the machine learning models behind their most important products. HiddenLayer is the only company to offer turnkey security for AI that does not add unnecessary complexity to models and does not require access to raw data and algorithms. Founded by a team with deep roots in security and ML, HiddenLayer aims to protect enterprise’s AI from inference, bypass, extraction attacks, and model theft. The company is backed by a group of strategic investors, including M12, Microsoft's Venture Fund, Booz Allen Ventures, IBM Ventures, and Capital One Ventures.

Contact

David Sack
SutherlandGold for HiddenLayer
hiddenlayer@sutherlandgold.com