The Rise of Startups Addressing Machine Learning System Security and Automation Vulnerabilities

The world is becoming increasingly digitized, and software is at the core of this transformation. A recent trend has seen non-developers building software applications with toolkits, APIs, and machine learning (ML) systems. This burgeoning market of software building is driving a new set of cybersecurity threats that neither the industry nor legacy security products have fully addressed.

The RSA Innovation Sandbox is a Shark Tank-like competition for startup security companies. This year’s competition shows a clear shift in the sector towards securing these new attack surfaces from software building and machine learning systems. Startups are focused on helping developers write more secure code and defending ML systems against attacks that steal intellectual property.

## Emerging security threats from software building

The risk of traditional cyber-attacks like malware, phishing, and ransomware threats is still high; moreover, software building is increasingly becoming a blind spot in the security operations of businesses of all shapes and sizes. This blind spot comes from a lack of dedicated solutions to manage and secure shadow integrations in advance of significant attacks.

Astrix Security maps a web of APIs, monitors them, and detects many of those which are seemingly benign software shadow integrations. They report that 45 times more non-humans traverse this mesh of connections than humans, creating a significant identity risk. Similarly, Valence Security aims to map SaaS-to-SaaS mesh, handle misconfigurations, and remediate vulnerabilities throughout the entire value chain of software building.

Pangea, on the other hand, is addressing the need for secure software build options, taking second place at the RSA competition. They offer a shift-left approach that empowers developers to write secure code in the first place, putting them in the driver’s seat rather than requiring them to argue with SecDevOps.

## Defending against ML system attacks

Hidden Layer, the RSA competition winner, is specifically designed to defend against attacks on ML systems. Traditional cybersecurity solutions may not be equipped to deal with these newer threats, and Hidden Layer is hoping to fill this gap. It found that intellectual property theft from ML systems has been ignored thus far, generating a cybersecurity vulnerability. Inference attacks that can probe deployed ML models, learn to create labels that automatically train new models, are the tools used to clone intellectual property. Hidden Layer protects customer models while they’re still being staged, detects their vulnerabilities, and obfuscates models once deployed, offering customers a managed detection service specifically tailored to ML.

Zama is also addressing the vulnerability of intellectual property when third-party AI providers are involved. To prevent sensitive data from leaking, it uses fully homomorphic encryption, allowing application developers to encrypt sensitive data into structures of cipher text and share them with third-party AI providers. Zama then returns back quantized analytic insights that are decrypted with the data still intact.

## Conclusion

In brief, the RSA Innovation Sandbox highlights the need for new solutions to address the cybersecurity challenges faced by the emerging software building industry and defend against newer threats to machine learning systems. Startups like Hidden Layer and Zama are solving new vulnerabilities that the entire cybersecurity sector has almost ignored thus far. However, the industry needs to coordinate to prioritize handling these new attack surfaces instead of waiting for them to spawn into disasters.