At Black Hat 2024, Qualys announced and showcased an upcoming extension to its TruRisk Enterprise Platform, TotalAI. The solution will assist organisations in understanding the risks associated with Generative AI (GenAI) and large language models (LLMs).
Sumedh Thakar, President and CEO of Qualys, said, “We’re only beginning to scratch the surface of AI and LLM’s potential for driving value for enterprises. At the same time, we need to secure this burgeoning journey, so it doesn’t add new risk to the business.
“At Qualys, we are committed to helping our customers stay ahead of emerging cybersecurity risk, and with Qualys TotalAI, enterprises can focus on growth and innovation, knowing they will stay protected from the most critical AI threats.”
Why TotalAI?
The growth of GenAI and LLMs inside organisations comes with opportunity and risk. Qualys is looking to address that risk by targeting what it sees as an expanded attack surface. The company says, “Traditional cybersecurity practices are proving insufficient to address these new challenges.”
Interestingly, it sees the problems as mirroring many of those already experienced in IT. For example, the discovery of unknown or unapproved LLMs and GenAI models creates the same shadow IT problems as are already seen with the explosion of cloud-based apps.
Those problems include security, protection of sensitive data, data theft, vulnerabilities, patching, and management. Users are unlikely to manage their LLMs and GenAI models to identify security issues and carry out remediation. For organisations, hallucinations and made-up data increase the risk of reputational damage, compliance failure and data pollution.
What will TotalAI allow organisations to do?
As part of TruRisk Enterprise, TotalAI will leverage the asset visibility, vulnerability detection, and remediation capabilities inside the platform. It will apply those to find and manage LLMs and GenAI models. Qualys says it “specifically addresses the OWASP Top 10 most critical risks for LLM applications: prompt injection, sensitive information disclosure, and model theft.”
Qualys lists four key focus areas for TotalAI. They are:
- Discover All AI Workloads: Discover, inventory, and classify all AI and LLM assets, including GPUs, software, packages, and models, in production and development while correlating their exposure with the attack surface.
- Prevent Model Theft: Extend the power of TruRisk to assess, prioritize and remediate AI software vulnerabilities with 650+ AI-specific detections, correlated with threat feeds and asset exposures, to prevent the risk of model and data theft.
- Secure AI Infrastructure: Leverage comprehensive remediation capabilities to exceed security requirements, align with SLAs, and meet business needs. Proactively mitigate potential threats to ensure seamless operations and a strong AI and LLM security posture.
- Detect Sensitive Data Disclosure: Assess LLMs for critical attack exposures like prompt injection, sensitive information disclosure, and model theft per the OWASP Top 10 for LLMs. This will ensure confidence in AI risk management and make models audit and compliance ready.
Enterprise Times: What does this mean?
As with many technologies, enterprises are unable to deliver what users want at the speed the business demands. This creates a fertile breeding ground for shadow IT and all its problems.
Qualys is looking to address how to de-risk GenAI models and LLMs with TotalAI. By making it part of the TruRisk Enterprise platform, it can hook into tools that enterprise security teams already use. That means there is no additional learning requirement for teams to adopt TotalAI. It also means that it fits into existing working processes, making this a smooth upgrade.
The question is how quickly customers will adopt it and how they will use it. The latter is important because it can’t be used to simply block the use of new technologies and innovation. Doing so will only drive users to find other avenues to take advantage of the technologies.
Another question is whether this will open up a new customer base for Qualys. It’s easy to see it as an automatic add-on for existing TruRisk customers, but can Qualys use it to unlock new customer wins?