Protect AI emerges from stealth and raises $13.5 million
Protect AI has emerged from stealth with $13.5 million in seed funding and its first product, NB Defense.
NB Defense addresses vulnerabilities in a core component used early in the machine learning supply chain: Jupyter Notebooks. This is a rapidly growing security issue that increases significantly each year as more organizations move machine learning into production environments. Today, there are over 10 million publicly accessible notebooks, growing by over 2 million annually, with many more in private repositories.
The company was founded by a proven leadership team that has led some of the largest and most successful AI businesses at AWS and Oracle, with a strong track record of creating new market categories and launching successful startups in the ML space.
The round was co-led by successful cybersecurity investors Acrew Capital and boldstart ventures. Mark Kraynak and Ed Sim, respectively, join the Protect AI Board of Directors. Additional investors include Knollwood Capital, Pelion Ventures, Avisio Ventures, and experienced cybersecurity leaders Shlomo Kramer, Nir Polak, and Dimitri Sirota.
“As companies put AI/ML into production, it must be protected according to the value it offers. I have seen more than 100,000 customers implement AI/ML systems and realized that they present a new and unique security threat surface that current cybersecurity solutions on the market do not address,” said Ian Swanson, Co-Founder and CEO of Protect AI.
“That is why we founded Protect AI. ML developers and security teams need new tools, processes, and methods to secure their AI systems. Since almost all ML code starts with a notebook, we think that’s the most logical place to start so we can speed up the industry’s necessary transition. We are launching a free product that helps usher in this new category of MLSecOps to build a safer AI-powered world, starting now. But we have many more innovations that will roll out quickly across the ML supply chain.”
As MLOps has helped increase the speed at which machine learning is put into production, opportunities for security incidents have increased and new vulnerabilities have been created in the enterprise ML supply chain. Some of the new security risks in the ML software supply chain include Jupyter Notebooks that are incompatible with existing static code analyzers, arbitrary code execution in serialized models, poisoned training data, and model evasion using adversarial ML techniques.
The need for MLSecOps (machine learning + security + operations)
MLSecOps is a new and much-needed practice in application security that involves introducing security earlier in the ML model development lifecycle.
“ML is a whole new class of applications and underlying infrastructure, just like the mobile web, IoT and Web3. Security for new application ecosystems follows the same arc: knowledge of vulnerabilities, followed by the ability to find them, then added contextual understanding and prioritization, and finally automated remediation. Protect AI will enable this end-to-end arc for AI systems,” said Mark Kraynak, founding partner, Acrew Capital. “We are excited about this first step, with NB Defense, and we look forward to working with the leadership team as there is much more to come.”
Improved security of a core component used by ML professionals: Jupyter Notebooks
ML professionals use notebooks to create and share documents that contain live code, equations, visualizations, data, and text. Notebooks can present security risks within an organization, and current cybersecurity solutions do not address this space.
In fact, Protect AI used NB Defense to scan more than 1,000 public Jupyter Notebooks and found many examples of exposed secrets, leaked personally identifiable information, and critical vulnerabilities that an attacker could exploit to compromise cloud systems, including access to databases of confidential data. Current cybersecurity solutions do not provide coverage for this commonly used tool.
This coverage gap means that a critical part of an enterprise’s code base could contain invisible vulnerabilities, creating zero-day exploit risks. “Unfortunately, after working with hundreds of clients, I learned that ML code is not commonly scanned in enterprises today. Also, targeted ML scanning and remediation of AI vulnerabilities is not yet a priority for most CISOs,” said Dan Plastina, former Vice President of AWS Security Services and Protect AI Advisory Fellow. “This is because until now there have been no tools to address this specific need and serve both AI developers and cybersecurity professionals. Protect AI addresses that gap.”
What is NB Defense and how does it work?
NB Defense is a solution for Jupyter Notebooks. NB Defense builds a translation layer over traditional security capabilities to enable scans of Jupyter Notebooks, then communicates the findings natively in the notebook or via easy-to-read reports with context-specific links to the problem areas within the notebook for remediation. NB Defense security scans of a notebook check for:
- Common Vulnerabilities and Exposures in Open Source ML Frameworks, Libraries, and Packages
- Authentication tokens and other credentials for a large number of services and products
- Non-permissive licenses on open source ML packages, libraries and frameworks
- Sensitive data and personally identifiable information
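As an added illustration (not NB Defense's code), one way the "translation layer" idea can work: flatten a notebook's code cells into plain source with a line-to-cell map, run ordinary pattern checks over that source, and report each finding against the originating cell; the trailing `main` makes it usable as a pre-commit or CI check that fails the commit when anything is found. The sample notebook and the two detection rules are constructed for this example.

```python
import json
import re
import sys
from typing import Dict, List, Tuple

# Constructed sample notebook (not from the page): one markdown cell, two code cells.
SAMPLE_NOTEBOOK = json.dumps({
    "cells": [
        {"cell_type": "markdown", "source": ["# Training run\n"]},
        {"cell_type": "code", "source": [
            "import boto3\n",
            "AWS_ACCESS_KEY_ID = 'AKIAEXAMPLEEXAMPLE00'\n",
            "s3 = boto3.client('s3', aws_access_key_id=AWS_ACCESS_KEY_ID)\n"]},
        {"cell_type": "code", "source": ["print('done')\n"]},
    ],
    "metadata": {}, "nbformat": 4, "nbformat_minor": 5,
})

# Hypothetical rule set for the example; a real scanner ships far more rules.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "hardcoded_password": re.compile(r"(?i)\bpassword\s*=\s*['\"][^'\"]+['\"]"),
}

def notebook_to_source(nb_json: str) -> Tuple[str, List[Tuple[int, int]]]:
    """Flatten code cells into one plain-text source (what a traditional scanner
    expects) and return a map from flattened line number to (cell, line-in-cell)."""
    nb = json.loads(nb_json)
    lines, line_map = [], []
    for idx, cell in enumerate(nb.get("cells", [])):
        if cell.get("cell_type") != "code":
            continue  # markdown/raw cells hold no code; a PII scan would still read them
        src = cell.get("source", [])
        text = "".join(src) if isinstance(src, list) else src
        for cell_line, line in enumerate(text.splitlines()):
            lines.append(line)
            line_map.append((idx, cell_line))
    return "\n".join(lines), line_map

def scan_notebook(nb_json: str) -> List[Dict[str, object]]:
    """Run the pattern rules over the flattened source; map hits back to cells."""
    source, line_map = notebook_to_source(nb_json)
    findings = []
    for flat_no, line in enumerate(source.split("\n")):
        for rule, pat in PATTERNS.items():
            if pat.search(line):
                cell, cell_line = line_map[flat_no]
                findings.append({"rule": rule, "cell": cell, "line": cell_line})
    return findings

if __name__ == "__main__":  # usage: python scan.py notebook.ipynb ... (non-zero exit on findings)
    hits = [(p, f) for p in sys.argv[1:] for f in scan_notebook(open(p, encoding="utf-8").read())]
    for path, f in hits:
        print(f"{path}: cell {f['cell']} line {f['line']}: {f['rule']}")
    sys.exit(1 if hits else 0)
```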
Critically, NB Defense will work across all MLOps tools, effectively meeting companies where they do machine learning today. “Each customer’s machine learning pipeline includes Jupyter as a key workbench for their data scientists; this doesn’t change whether they’re on AWS, Azure, GCP, or other solutions,” said Chris King, Product Manager, Protect AI.
“It was vital that we built NB Defense to work across all of these platforms, meeting your data scientists where they work, empowering them to improve the security posture of their workloads without slowing down their productivity or creativity. Securing a notebook is just the first step, and customers can expect a fast pace of products and solutions that help them secure their ML environments holistically.”
NB Defense is available today under a free license. Users can easily install NB Defense and use the JupyterLab extension or the command line interface (CLI). The product was also designed to integrate into ML development workflows with pre-commit hook support that allows the user to run a scan before changes are pushed to a repository. NB Defense security scans can also be scheduled via a GitHub Action or any other CI/CD process.