In an ever-evolving business landscape, companies are racing to adopt the cutting-edge technology of generative AI, bringing it to both their employees and users at lightning speed. However, in the rush to move forward, security concerns are often left behind. It’s only now that many businesses are waking up to the potential risks associated with utilizing generative AI. Israel-based Prompt Security recognizes this issue and aims to alleviate it, helping organizations ensure the integrity of their data while also protecting their customer-facing GenAI-enabled applications.
The company is emerging from stealth mode today and announcing a $5 million seed round led by Hetz Ventures, with contributions from Four Rivers and a group of knowledgeable angel investors, including CISOs from companies such as Airbnb, Elastic, and Dolby.
Prompt Security was founded by CEO Itamar Golan and CTO Lior Drihem, both of whom previously worked for companies Check Point and Orca Security. Golan shares, “
I always knew that I wanted to start my own company. My two passions were AI and security, but five years ago, I saw that the market wasn’t quite ripe. So I waited for the perfect opportunity.
About 18 months ago, while working at Orca, Golan and his team began looking into implementing an AI-based remediation feature. With the help of Drihem, they were able to develop the feature, which inspired the creation of Prompt Security. Golan explains,
“As we delved into the development, we realized the new attack surface created by these innovative architectures and frameworks. Suddenly, prompt injections were impossible. We knew then that an entirely new market was about to emerge.”
Golan is also involved in the OWASP Top 10 initiative to enhance the security of LLM applications.
One major issue for CISOs today is a lack of knowledge about the tools their employees are accessing within the company network, Golan notes. This leaves room for employees to share sensitive information with unauthorized services, which could result in data leaks and potential regulatory issues. To combat this, Prompt Security offers a browser extension and IDE plugin that automatically detects and enforces policies on GenAI usage, causing minimal disruption to the user experience.
At the same time, the use of GenAI chat applications creates a new vulnerability, as prompt injections and jailbreaks could potentially allow attackers to run unauthorized code within a company’s network.
Golan emphasizes that Prompt Security aims to create a comprehensive platform, addressing various aspects of an organization’s GenAI usage. He explains, “
We are striving to provide a one-stop solution for GenAI security, covering both employee usage and application security for the corporate information security side.
In recent months, Golan shares, many CISOs were either unaware or unconcerned about GenAI security concerns. However, with the rise of shadow AI usage, they are now seeing the urgency of addressing this issue.
In the future, Prompt Security plans to launch additional services to further enhance its customers’ GenAI security posture. Currently, the company mainly focuses on securing production applications, but it plans to expand into aiding developers in securing their applications during the development and testing stages. Golan states, “
I believe our main focus right now should be on current needs in the GenAI arena, such as real-time visibility and data privacy. As we grow with more resources and customer input, we will continue to evolve. And with such a rapidly changing market, what I’m saying now may not even be relevant next year.