Latest news with #Aurascape
Forbes
14-04-2025
- Business
- Forbes
Evolving Security Frameworks For The AI Frontier
Navigating the complexities of securing AI-driven systems requires innovative, AI-native solutions ... More to protect data and ensure safe, seamless operations. From generative models to agentic AI, artificial intelligence promises to drive innovation across industries. However, as organizations increasingly integrate AI into their operations, a critical challenge arises: how do you secure something as dynamic, autonomous, and complex as AI? The answer is clear—just as cloud computing required a shift toward cloud-native security tools, AI demands a new breed of security solutions designed specifically for AI's unique needs. In the early days of cloud computing, businesses attempted to secure cloud environments using traditional on-premises security tools. This approach didn't take into account the cloud's distinct characteristics—shared responsibility models, massive scale, and the difficulty of securing data distributed across various locations. This led to a realization: effective cloud security couldn't be achieved by simply applying old methods; it required new, cloud-native tools. The shift to cloud-native security solutions was not just about scaling existing systems—it was about rethinking security to match the cloud's architecture. These tools needed to be elastic, cloud-aware, and able to monitor and protect dynamic, distributed environments in real time. The cloud became the catalyst for a more sophisticated approach to security, and this same evolution is now required for AI. AI systems differ fundamentally from traditional software applications. They can learn, adapt, and evolve in real time, creating a new set of risks. From generative AI tools like ChatGPT to more advanced agentic AI systems, the attack surface grows with each new model that's introduced. Security tools designed for static systems simply cannot keep pace with the rapid changes in AI systems. This challenge isn't theoretical—it's already here. As Moinul Khan, co-founder and CEO of Aurascape, pointed out during a recent conversation, 'Organizations are focused on keeping bad actors out and protecting intellectual property—AI adds a layer of complexity to that.' The core challenge is maintaining control over what AI systems are doing and ensuring that sensitive data doesn't leave the organization in the process. AI technologies constantly evolve, which is part of their value—but also part of their risk. Traditional security tools, which are designed for static environments, simply don't have the capability to monitor AI systems' behaviors effectively. These tools are unable to track how AI models learn, interact with data, or adapt to new inputs. As Khan explained, traditional network security tools like firewalls and proxies are inadequate when it comes to AI applications. 'When I post a file to Microsoft Copilot and ask for a summary, that's an HTTP POST. But if I interact with Copilot through a series of back-and-forth queries, your existing firewalls and proxies are blind. They can't see or understand the interactions.' This is where AI-native security tools come into play. AI-native security solutions must be able to monitor AI-specific activities, providing visibility into data flows and AI outputs while offering granular control. These tools need to be designed with AI's behavior in mind—understanding how AI models work, what data they process, and how their outputs are used. In response to these unique challenges, AI-native security tools are emerging. These tools offer several key capabilities: The evolution of security for emerging technologies typically follows a pattern and offers a roadmap for securing AI. Khan drew a direct parallel between the early days of cloud security and the current state of AI security: 'We are not creating a new market; we are solving the same problem that organizations faced 20 years ago with the internet. The only difference is that now we are dealing with AI applications that need to be understood in an entirely different way. It's not just about blocking bad actors, it's about understanding the specific use cases, interactions, and data flows of AI systems.' This shift to AI-native security is already happening. Aurascape recently emerged from stealth after a year of operations to position itself as a player in this movement. The company launched with $50M in funding from prominent investors like Mayfield Fund and Menlo Ventures, alongside strategic backers such as former Palo Alto Networks CEO Mark McLaughlin and former Zscaler Chief Strategy Officer Manoj Apte. 'We capture the entire query and response, giving you insight into what your users are doing with AI in real time,' Khan said. This capability allows businesses to monitor and secure data flows across a wide range of AI applications, providing both visibility and protection in a way that traditional security models cannot. As the demand for AI solutions grows, the need for AI-native security tools has never been more urgent. Aurascape's market entry, backed by its strong investor network and its AI Activity Control platform, is a step toward helping organizations meet this challenge. As AI technologies become more integrated into business operations, securing these systems is paramount. The lessons learned from cloud security demonstrate that when new technologies emerge, security frameworks must evolve to meet those challenges. The shift to AI-native security tools is not just inevitable—it is essential for businesses that want to fully harness the power of AI without exposing themselves to unnecessary risks. Aurascape's approach, which utilizes AI to fight AI, exemplifies this evolution. By providing organizations with the ability to monitor and control AI applications in real time, businesses can confidently adopt AI technologies while protecting their most valuable assets—intellectual property and sensitive data. To take advantage of the AI revolution while avoiding unnecessary risk, organizations must adopt AI-native security solutions that are built specifically to handle the unique demands of AI systems. Just as cloud-native security tools were necessary for securing the cloud, AI-native security tools will be critical in ensuring that AI can be adopted safely and securely across industries. The future of AI is filled with potential—but only if we can secure it properly.
Associated Press
08-04-2025
- Business
- Associated Press
Finalists Announced for 20th Annual RSAC™ Innovation Sandbox Contest 2025
SAN FRANCISCO, April 8, 2025 /PRNewswire/ -- RSA Conference LLC (" RSAC"), the company behind the world's largest and most influential cybersecurity conference, today announced the Top 10 Finalists for its 20th annual RSAC™ Innovation Sandbox contest under the RSAC™ Innovation umbrella. The competition calls on the most promising young companies in cybersecurity to demonstrate their cutting-edge technologies to a panel of judges and live audience at RSAC™ 2025 Conference in San Francisco on Monday, April 28. Past finalists have included Imperva, SentinelOne, Axonius, Wiz, HiddenLayer, and 2024's winner, Reality Defender. The Top 10 Finalists will present a three-minute pitch and participate in a question-and-answer round as they battle on stage for the title of 'Most Innovative Startup.' The renowned panel of expert judges includes David Chen, Head of Global Technology Investment Banking at Morgan Stanley; Dorit Dor, Chief Technology Officer at Check Point Software Technologies; Niloofar Razi Howe, Operating Partner at Capitol Meridian Partners; Paul Kocher, Independent Researcher; Nasrin Rezai, SVP & CISO at Verizon; and Chris Young, former McAfee CEO, Microsoft Executive, and Investor. RSAC Executive Chairman and RSAC™ Conference Program Committee Chair Hugh Thompson will return to host the contest once again. To usher in the 20th anniversary, RSAC™ Conference recently announced a new investment program. For the first time, each of the Top 10 Finalists listed below has been awarded a $5M investment to aid their drive of cybersecurity innovation. More details about the new program can be found here. Submissions for the RSAC™ Innovation Sandbox contest in 2025 saw an increase of more than 40 percent from 2024. This year, over 200 cybersecurity startups applied from across the globe which is a testament to the impact that the Innovation Sandbox contest has on the industry. 'Selecting the Top 10 proved to be highly challenging this year based on the volume of high-quality submissions. My fellow judges and I are looking forward to seeing the finalists compete on the RSAC™ Conference stage,' said Nasrin Rezai, SVP & CISO at Verizon, and RSAC™ Innovation Sandbox contest judge. 'We are witnessing the next generation of highly innovative companies to solve for the cybersecurity problems of today and tomorrow.' The Finalists (in alphabetical order) are: Aurascape Aurascape believes AI has the potential to supercharge how society works. However, unchecked use of AI, Generative AI, and AI Agents does bring risks. Aurascape gives security and AI leaders the protection they need to confidently embrace AI. CalypsoAI CalypsoAI secures applications and agents through its Inference Platform — protecting AI at runtime with customizable defensive controls, agentic red-teaming, remediation, governance, and observability solutions — helping enterprises safely scale AI. Command Zero Command Zero is an autonomous and AI-assisted investigations platform, built to transform security operations. It empowers analysts to run advanced investigations and threat hunts in complex environments. The platform reduces mean time to understand and respond — delivering expert outcomes at scale. EQTY Lab AG EQTY Lab pioneers solutions that accelerate trust in AI. The AI Integrity Suite applies cryptography to ensure that the governance of AI agents is accountable and verifiable. With applications in the public sector, life sciences, and finance, EQTY Lab is at the forefront of enabling AI innovation. Knostic Knostic provides need-to-know based access controls for LLMs. With knowledge-centric capabilities, Knostic enables organizations to accelerate the adoption of LLMs and drive AI-powered innovation without compromising value, security, or safety. Metalware Metalware helps enterprises and governments secure critical infrastructure firmware at scale. Its binary fuzzing platform automates the traditionally complex process of firmware testing, enabling customers to detect and remediate vulnerabilities in embedded systems before deployment. MIND MIND is a data security platform that puts Data Loss Prevention (DLP) and Insider Risk Management (IRM) programs on autopilot to deliver both posture and prevention. MIND discovers and classifies sensitive data, fixes data security issues, and stops sensitive data leaks. ProjectDiscovery equips security teams with open-source tools to find and fix vulnerabilities fast. Powered by Nuclei, the platform automates attack surface monitoring and vulnerability management — helping organizations stay ahead of real-world threats. Smallstep Smallstep ensures only company-owned devices can access sensitive resources. Co-developers of ACME Device Attestation with Google and Apple, the Device Identity Platform solves the 'other half' of Zero Trust by securing Wi-Fi, VPNs, ZTNA, SaaS apps, and cloud APIs with hardware-bound credentials. Twine builds AI digital employees who execute tasks from A to Z to help cyber teams close the talent gap. The company's first AI digital employee, Alex, learns, understands and takes away the burden of identity management tasks — proactively completing the organization's cyber objectives. 'As we enter a new age of threats, innovation and new technologies are critical to achieving a safer society,' said Cecilia Marinier, Vice President, Innovation & Scholars, RSAC. 'The RSAC™ Innovation Sandbox contest is an unparalleled opportunity for both the industry and the founder to highlight industry-changing solutions, companies, and entrepreneurs. This year's Top 10 Finalists were perhaps the strongest we've seen yet in this contest, and I am beyond excited for our attendees to learn more about their innovative ideas and solutions on April 28.' The competition is widely recognized as a catapult for success as the Top 10 Finalists have collectively celebrated more than 90 acquisitions and received over $16.4 billion* in investments over the last 19 years. There have been several high-profile acquisitions of former ISB finalists in recent years. In November 2024, cybersecurity company Wiz (2021 ISB Finalist) announced the acquisition of Dazz (2023 ISB Finalist) for an estimated $450 million**. In November 2023, Palo Alto Networks announced the acquisition of Talon Cyber Security (2022 ISB winner) for an estimated $625 million**. Most recently, in March 2025, Google announced that it has entered into a definitive agreement to acquire Wiz (2021 ISB Finalist) for $32 billion. Completion of this transaction would mark the largest acquisition of a private, venture-backed U.S. company to date. Other very successful independent companies graduating from the ISB program include: SentinelOne, Imperva, Axonius, and BigID as well as many others. The contest kicks off at the Moscone Center on Monday, April 28 at 9:30 AM PT and winners will be announced by approximately noon the same day. For more information regarding RSAC™ 2025 Conference, please visit * numbers according to Crunchbase as of December 31, 2024 ** numbers according to PitchBook as of April 8, 2025 About RSAC As the cybersecurity industry's convening authority, RSAC brings together diverse minds to exchange perspectives, knowledge, and ideas. RSAC provides the world's leading platform for uniting and advancing the cybersecurity community to create a safer society. RSAC is at the cutting edge of cybersecurity innovation and education. The company's flagship event, RSAC™ Conference, is the largest and most influential global gathering in cybersecurity. RSAC gives cybersecurity professionals a platform to connect and grow. To learn more, visit About RSAC™ Conference
