Securing generative AI-based applications from prompting attacks, ensuring that they don't leak sensitive data or create malicious output or results that may violate privacy regulations is becoming a real business. We've already seen some startups in this space and today, Tel Aviv-based Aim Security is joining the fray with a new GenAI security platform and a $10 million seed funding round. This round was led by YL Ventures, with participation from Cyber Club London and a group of angel investors that includes the founders of WIZ.
Like so many Israeli security startups, Aim Security's founders Matan Getz (CEO) and Adir Gruss (CTO) got their cybersecurity education during their time with the Israel Defense Forces. Getz spent time with Unit 8200 and became the deputy CISO at the IDF, while Gruss was the commander of what Getz described as an "elite cybersecurity education program." After his time with the army, Gruss became the field CTO of Laminar.
Image Credits: Aim Security
"We partnered together for my internal projects [at the IDF] and then when GenAI became hyped and not just for the geeks, we quickly understood the power of GenAI. This was exactly the time when we decided to partner and to found Aim Security," Getz told me.
Getz explained that the company wants to take a holistic look at the security implications of GenAI, most of which revolve around preventing data leakage and ensuring that GenAI usage -- both by employees who use public GenAI products like ChatGPT and by developers who may create their own internal or public-facing applications -- doesn't leak private data.
"The consumer applications that are out there are very easy to use. It's like to call it [Data Loss Prevention] on steroids because now you have an interest to upload sensitive data and the applications have a deep interest to train their models on that data," Getz said. Meanwhile, many large companies have started connecting their internal data to copilots (mostly from Microsoft), making it hard for them to enforce their existing authorization rules, all while the internal developers are looking to build their own homegrown applications.
The company's platform integrates with a lot of existing security solutions but it also offers a lightweight browser extension. This way, the company always sits between the large language model and the user (or application) and knows exactly which GenAI tools a company's employees are using and what data they feed them.
Getz noted that the company is already seeing a lot of traction across a number of industries. With investors who have deep roots in both the U.S. and Europe, the company has now set its sights to expand in these markets.