Artificial intelligence is the buzzword of our time, with technologists insisting that every organisation should be making use of AI to remain competitive. But what if adopting AI also makes you more vulnerable to a damaging cyber attack? That is the fear of a growing number of cyber security experts, who warn that the nature of AI tools and applications, including generative AI platforms, means they have blind spots that fraudsters and criminals could exploit – with disastrous consequences.
Enter SydeLabs, a San Francisco-based start-up launched earlier this year to tackle exactly this problem – and which is today announcing the successful completion of a $2.5 million seed funding round. “The rise of AI makes it essential that we think more deeply about how to prevent AI applications going rogue,” says Ankita Kumari, who co-founded the business with Ruchir Patwa. “We are starting to see a big increase in the number of attackers targeting AI applications specifically.”
She’s not the first to sound the alarm. Last summer, research specialist Verdict tipped the nascent market for cyber security solutions aimed at protecting AI applications as one to watch, particularly as regulation of AI tools and products continues to increase. Groups such as Stack Overflow have warned that AI applications are providing bad actors with an increasingly large surface area to attack. It could be possible to interfere with the decisions made by AI models, for example, or to access the sensitive data on which these models have been trained.
SydeLabs has developed two products that give enterprises and other AI users an opportunity to fight back. Its Sydebox solution, now being used by around 15 early-adopting customers, enables organisations to scan their AI applications to identify vulnerabilities that an attacker might exploit so these can be addressed. Kumari says the organisations using this software have already found more than 15,000 potential weak points in 50 different applications they have deployed.
SydeGuard, the company’s second application, will be launched in the coming weeks, and will provide organisations with a means to detect live attacks on their AI systems. The software works by assigning a risk score to each interaction with the system; the organisation can set a threshold above which it is notified of such interactions so that it can take action accordingly.
AI applications require a different approach to the way in which traditional cyber threats are detected, Kumari says. “Traditionally, security has mostly relied on pattern-based approaches for detecting both vulnerabilities and attacks,” she says. “That approach does not work for generative AI applications – the intent of the user matters more than the exact input of the user.”
It’s an issue that the large cyber security product providers recognise, Kumari says, but one where they find it difficult to move with the speed required given the rapidly evolving threat, with new problems emerging in real time. Smaller providers offer greater agility, she argues.
That is driving something of a race to become the product provider of choice, with several possible distribution channels in play. Kumari is keen to sell SydeLabs’ products to enterprise customers on a standalone basis, but also sees commercial potential in partnerships with established cyber security players and with AI application designers.
Rivals to SydeLabs include firms such as Lakera and Prompt Security, which have also developed cyber security solutions designed specifically for AI applications.
SydeLabs is therefore anxious to continue innovating at pace, with plans for a third product launch in the coming months to help organisations identify their compliance gaps as regulation steps up.
Today’s fundraising will support this rush to innovate, with the new capital earmarked for research and development. The round was led by RTP Global, with participation from Picus Capital and a number of angel investors.
“SydeLabs is setting new standards for AI applications that are as secure as they are groundbreaking,” says Galina Chifina, a partner on RTP Global’s Asia Investment team. “SydeLabs’ approach to AI security showcases the kind of forward-thinking application of technology we champion at RTP.”