Latest news with #MITREATLAS
Channel Post MEA
6 days ago
- Business
- Channel Post MEA
Qualys Updates TotalAI Solution
Qualys has announced major updates to its TotalAI solution to secure organizations' complete MLOps pipeline from development to deployment. Organizations will now be able to rapidly test their large language models (LLMs), even during their development testing cycles, with stronger protection against more attacks and on-premises scanning powered by an internal LLM scanner. With the current rush of AI adoption, organizations are moving at an unprecedented pace – often without implementing foundational security controls necessary to manage risk. A recent study revealed 72% of CISOs are concerned generative AI solutions could result in security breaches for their organizations. Enterprises need a better solution to bridge the gap between innovation and secure implementation. As AI becomes a core component of business innovation, security can no longer be an afterthought,' said Tyler Shields, principal analyst at Enterprise Strategy Group. 'Qualys TotalAI ensures that only trusted, vetted models are deployed into production, enabling both agility and assurance across organizations' AI usage. This security helps organizations achieve their innovation goals while managing their risk.' Qualys TotalAI is purpose-built for the unique realities of AI risk, going beyond basic infrastructure assessments to directly test models for jailbreak vulnerabilities, bias, sensitive information exposure, and critical risks mapped to the OWASP Top 10 for LLMs. Taking a risk-led approach, TotalAI not only finds AI-specific exposures — it helps teams resolve them faster, protect operational resilience, and maintain brand trust. TotalAI delivers: Automatic Prioritization of AI Security Risks : Findings are mapped to real-world adversarial tactics with MITRE ATLAS and automatically prioritized through the Qualys TruRisk scoring engine, helping security, IT, and MLOps teams zero in on the most business-critical risks. : Findings are mapped to real-world adversarial tactics with MITRE ATLAS and automatically prioritized through the Qualys TruRisk scoring engine, helping security, IT, and MLOps teams zero in on the most business-critical risks. Faster, Safer AI Application Development: With the new internal on-premises LLM scanner, organization can now incorporate comprehensive security testing of their LLM models during development, staging, and deployment – all without ever exposing models externally. This shift-left approach, incorporating security and testing of AI-powered applications into existing CI/CD workflows, strengthens both agility and security posture, while ensuring sensitive models remain protected behind corporate firewalls. With the new internal on-premises LLM scanner, organization can now incorporate comprehensive security testing of their LLM models during development, staging, and deployment – all without ever exposing models externally. This shift-left approach, incorporating security and testing of AI-powered applications into existing CI/CD workflows, strengthens both agility and security posture, while ensuring sensitive models remain protected behind corporate firewalls. Enhanced Defense Against Emerging AI Threats: TotalAI now expands to detect 40 different attack scenarios, including advanced jailbreak techniques, prompt injections and manipulations, multilingual exploits, and bias amplification. The expanded scenarios simulate real-world adversarial tactics and strengthen model resilience against exploitation, preventing attackers from manipulating outputs or bypassing safeguards. TotalAI now expands to detect 40 different attack scenarios, including advanced jailbreak techniques, prompt injections and manipulations, multilingual exploits, and bias amplification. The expanded scenarios simulate real-world adversarial tactics and strengthen model resilience against exploitation, preventing attackers from manipulating outputs or bypassing safeguards. Protection from Cross-modal Exploits with Multimodal Threat Coverage: TotalAI's enhanced multimodal detection identifies prompts or perturbations hidden inside images, audio, and video files that are designed to manipulate LLM outputs, helping organizations safeguard against cross-modal exploits. 'AI is reshaping how businesses operate, but with that innovation comes new and complex risks,' said Sumedh Thakar, president and CEO of Qualys. 'TotalAI delivers the visibility, intelligence, and automation required to stay agile and secure, protecting AI workloads at every stage — from development through deployment. We are proud to lead the way with the industry's most comprehensive solution, helping businesses innovate with confidence, while staying ahead of emerging AI threats.' 0 0
Techday NZ
29-04-2025
- Business
- Techday NZ
Qualys expands TotalAI to boost AI security from development onwards
Qualys has announced significant updates to its TotalAI platform, expanding AI and large language model (LLM) security coverage for organisations from development through to deployment. The enhancements are designed to address the rapid pace of AI adoption in business, which often outpaces the implementation of necessary security controls. Citing a recent study where 72% of CISOs expressed concerns that generative AI solutions could cause security breaches within their organisations, Qualys aims to provide tools to help bridge the gap between innovation and secure implementation. Summarising the need for integrated security in AI operations, Tyler Shields, Principal Analyst at Enterprise Strategy Group, said, "As AI becomes a core component of business innovation, security can no longer be an afterthought. Qualys TotalAI ensures that only trusted, vetted models are deployed into production, enabling both agility and assurance across organisations' AI usage." "This security helps organisations achieve their innovation goals while managing their risk." TotalAI has been updated to test models for jailbreak vulnerabilities, bias, sensitive information exposure, and critical risks mapped to standards such as the OWASP Top 10 for LLMs. The platform also supports enterprise teams in resolving exposures, protecting operational resilience, and maintaining brand trust. Among the new features is automatic prioritisation of AI security risks, with findings mapped to real-world adversarial tactics using MITRE ATLAS and prioritised by the TruRisk scoring engine. This allows teams across security, IT, and MLOps to focus on the most business-critical risks within their AI operations. The release also includes an on-premises internal LLM scanner to support security testing during development, staging, and deployment. This capability enables security and testing of AI-powered applications to be integrated into existing CI/CD workflows, ensuring that models remain protected behind corporate firewalls and are not exposed externally at any stage during their lifecycle. TotalAI's expanded threat coverage now includes detection of 40 distinct attack scenarios. These cover advanced jailbreak techniques, prompt injections, manipulations, multilingual exploits, and bias amplification. The platform simulates real-world adversarial tactics to increase model resilience against exploitation and better protect against attackers attempting to manipulate AI outputs or bypass model safeguards. Another area of focus is protection against cross-modal exploits, with enhanced multimodal detection identifying prompts or perturbations hidden inside images, audio, and video files that may be used to manipulate LLM outputs. This aims to address potential vulnerabilities introduced by the use of different data modalities in AI systems. Sumedh Thakar, President and CEO of Qualys, spoke about the increasing complexity and risk accompanying AI adoption in business, stating, "AI is reshaping how businesses operate, but with that innovation comes new and complex risks." "TotalAI delivers the visibility, intelligence, and automation required to stay agile and secure, protecting AI workloads at every stage — from development through deployment. We are proud to lead the way with the industry's most comprehensive solution, helping businesses innovate with confidence, while staying ahead of emerging AI threats." Qualys has stated that TotalAI is built for the realities of AI risk, offering more than just infrastructure assessments by directly testing models for a range of vulnerabilities and threats relevant to contemporary AI deployments.
