As 2024 approaches its end, enterprises across various sectors are increasingly eager to utilize their data within generative AI applications that enhance both internal (employee-facing) and external (customer/partner-facing) processes. However, ensuring these processes are secure poses a significant challenge, particularly for companies without an integrated focus on security. The existing security frameworks in many enterprises often fall short of the requirements needed for the AI era, where the objective is to fully exploit data through AI technological advancements.
Recognizing this crucial need, an Israeli startup specializing in AI enterprise security has emerged from stealth mode following a Series A funding round, securing $32 million from Ballistic Ventures. The funding round also saw participation from other notable investors, including CISOs from significant companies. This company aims to deliver a comprehensive security platform that ensures the integrity of enterprise customer data from collection through deployment and maintenance of AI models and applications. This platform has already been adopted by several Fortune 500 companies, indicating its robust capability and industry trust.
Addressing Unique AI Security Challenges
Niv Braun, co-founder and CEO of Noma, highlighted in an interview the specific security challenges faced by modern AI and data science models, such as prompt injection and data leakage. Standard security tools often fail to address these unique risks, a gap that Noma’s founders identified from their own experiences, including their service in Israel’s elite 8200 intelligence unit. This background in both security and data science allowed Braun and his co-founder to effectively build a team skilled in these domains and address these security vulnerabilities directly.
Noma’s platform is structured around three comprehensive tiers of coverage: Data and AI Supply Chain Security, AI Security Posture Management (AI-SPM), and AI Threat Detection and Response. Each of these components plays a crucial role in ensuring the security of AI applications from development to deployment. The first tier, Data and AI Supply Chain Security, ensures that the environments, pipelines, and development tools enterprises use are secure, mitigating risks that might compromise data and AI supply chains. This is essential for maintaining the integrity of data as it moves through various stages of processing and analysis.
Comprehensive Security Platform
The second tier, AI Security Posture Management (AI-SPM), offers both an inventory and security management solution for first- and third-party AI models. It aims to protect these assets before they are put into production, ensuring that any vulnerabilities are identified and addressed early in the development process. The third tier, AI Threat Detection and Response, actively monitors AI applications to detect adversarial attacks in real-time and enforce safety protocols during runtime. This proactive approach helps to mitigate risks before they can cause significant damage.
The platform’s consolidation of these security measures into a single, cohesive solution is a major strength, according to Braun. Customers have the flexibility to adopt the integrated all-in-one approach or select specific components based on their needs. Data from early adopters indicates that 95% of customers prefer the comprehensive enterprise license, which is presented as the most cost-effective and flexible choice for broad organizational security. Compatibility and ease of integration within diverse environments are key features of the Noma platform. Whether cloud-based, SaaS, or self-hosted, the platform can be installed within minutes and requires no changes to existing code.
Flexibility and Integration
Through a simple API connection, the platform maps and scans everything in the customer’s environment, allowing data science teams to implement security controls seamlessly without disrupting their workflows. This feature is particularly valuable in high-velocity, AI-powered development environments. A significant endorsement comes from a notable partner who remarked that the historical development of application security has led to fragmented tools addressing static and dynamic analysis, open-source, supply chain, and runtime issues individually. Noma’s integrated approach tackles these diverse use cases simultaneously, providing a more streamlined solution for modern enterprises.
Noma also prioritizes usability, ensuring both data and AI teams, as well as security teams, can engage with the platform without needing extensive prior expertise. This makes the platform accessible even in proof of concept scenarios run by security teams independently of data science teams, who still found it straightforward to integrate and use. Another significant aspect is that the platform educates users by explaining fundamental security principles in a context familiar to application security teams, enriched with a new perspective on data and AI security.
Bridging the Operational Gap
As enterprises increasingly prioritize security and compliance in AI adoption, Noma seeks to bridge the operational gap between data science and security teams, fostering collaboration and ensuring security measures are transparent and straightforward. This effort is critical to reducing friction and improving cooperative efforts between these traditionally siloed functions. An influential partner emphasized the advantage of embedding security into the development lifecycle from the start. Noma’s approach provides comprehensive visibility and confidence to AppSec teams while empowering data science teams, thus facilitating faster and more secure AI-driven business innovations.
Noma’s entry into the market represented a pivotal development in securing AI-driven business operations at scale. With the growing reliance on AI in critical applications, ensuring robust security in AI workflows is increasingly vital. Noma’s platform addresses this need by offering a full spectrum of security measures that enable companies to leverage AI without compromising on data integrity and security.
Contributing to AI Security Standards
As 2024 draws to a close, businesses across various industries are increasingly eager to harness their data through generative AI applications to improve both internal operations and external services. However, safeguarding these processes remains a considerable challenge, especially for companies that lack a strong focus on security. Many existing security frameworks are inadequate for the AI era, where the goal is to fully leverage data using AI technological advancements.
In response to this pressing need, an Israeli startup specializing in AI enterprise security has emerged from stealth mode after completing a Series A funding round. The company raised $32 million from Ballistic Ventures, with additional investments from CISOs of major companies. Their aim is to offer a comprehensive security platform that ensures the integrity of enterprise customer data from collection to the deployment and maintenance of AI models and applications. This platform has already been implemented by several Fortune 500 companies, signaling its strong capabilities and the trust it has garnered within the industry.