Follow Datanami:
February 15, 2024

Akto Launches World’s First Proactive GenAI Security Testing

via Shutterstock

With the rapid growth of AI, there are rising concerns about the vulnerabilities associated with the deployment of AI and related services. Several studies, including a recently released Primavera report, show that a major hurdle in the adoption of GenAI is the concern about data security and governance. 

To address GenAI security vulnerabilities, Akto, one of the leading providers of application programming interface (API) security solutions, has launched a new GenAI Security Testing solution. The new platform enables organizations to enhance the security of their GenAI and large language models (LLMs). The company claims that the new service is the world’s first proactive platform for GenAI security. 

According to the Akto press release, an organization uses 10 GenAI models on average and most often LLMs in production receive data indirectly via APIs. This means there is tons of sensitive data processing through the LLM APIs, making them a potential vulnerable spot for a security breach.  

LLMs can be targeted through various mechanisms including Denial of Service (DoS) threats, Prompt Injections, and an overreliance on LLM outputs. Last year a major outage of OpenAI’s AI tool as a result of a vulnerability in an open-source library. This security breach exposed payment-related information of some customers. 

A study by Menlo, a leader in browser security, revealed that 55 percent of GenAI inputs contained sensitive and personally identifiable information. The report indicates that even as organizational security policies increase by 26 percent, the swift evolution of generative AI is outpacing organizations’ efforts to minimize data exposure risks. 

The report highlights that the 80 percent increase in attempted file uploads to GenAI websites poses a new and significant cybersecurity threat. It recommends that organizations update their application list or risk gaps in safeguards to generative AI sites that employees are using

(Gorodenkoff/Shutterstock)

The new security testing platform by Akto addresses such threats by using state-of-the-art algorithms including over 60 built-in test cases, developed by Alto’s team of experts in GenAI security, that cover a wide range of GenAI vulnerabilities. 

The testing works by identifying security vulnerabilities by “sanitizing the output of LLMs”. The solution has the ability to detect attempts to inject malicious code or other types of cyber attacks that could compromise the system. The Akto platform also tests the GenAI application for the tendency to generate irrelevant or false reports. 

“The tests try to exploit LLM vulnerabilities through different encoding methods, separators, and markers,” said Ankush Jain, chief technology officer at Akto. “This specially detects weak security practices where developers encode the input or put special markers around the input.”

For a demonstration of the new platform’s capabilities, Akto’s Founder and CEO Ankita will be presenting at the prestigious Austin API Summit 2024. The demo is set to highlight real-world security challenges and showcase the ability of Akto’s platform to provide a robust defense against the vulnerabilities. 

As the GenAI adoption continues to rise, Akto has positioned itself at the forefront of proactive security testing for GenAI applications. The launch of the new tool reinforces Akto’s commitment to enabling a safer environment for organizations to deploy GenAI. 

Related Items 

New Cisco Study Highlights the Impact of Data Security and Privacy Concerns on GenAI Adoption

Credo AI Unveils GenAI Guardrails to Help Organizations Harness Generative AI Tools Safely and Responsibly

Trellix Announces Cybersecurity Generative AI Innovations Powered by Amazon Bedrock

Related Items 

New Cisco Study Highlights the Impact of Data Security and Privacy Concerns on GenAI Adoption

Credo AI Unveils GenAI Guardrails to Help Organizations Harness Generative AI Tools Safely and Responsibly

Trellix Announces Cybersecurity Generative AI Innovations Powered by Amazon Bedrock

 

Datanami