Operant AI has raised $10 million in a Series A funding round. The round was led by SineWave Ventures and Felicis. Others who participated include Alumni Ventures, Massive, Calm Ventures, Gaingels, and other industry-expert angels.
It brings Operant AI’s total funding to $13.5 million. The company says the money will be used to expand the team and develop the product. There is no suggestion of opening new offices yet, which will likely come around the time of Series B funding.
What is interesting is the changes to the board that come with this announcement. Patricia Muoio, partner at SineWave Ventures and former NSA/DoD leader, and Nancy Wang, Venture Partner at Felicis and former General Manager / Director of Data Protection at AWS, will join Operant AI’s Board of Directors.
Dr Priyanka Tembey, Operant AI’s co-founder and CTO, said, “In the race towards cloud innovation and AI application development, tons of companies are sharing access to common APIs and open source code that leave the doors wide open to new types of attacks like zero day vulns and data exfiltration through open APIs.
“Predicting which threats are the most exploitable and combining that knowledge with signals of criticality so that we are razor-focused on proactively shielding against the most dangerous attacks is absolutely critical to making real-time protection work in the real world.”
Who are Operant AI?
Operant AI describes itself as a runtime application protection platform. It claims it “actively shields every layer of live applications from infra to APIs.” It says it secures “the entire “cloud within the cloud” including all APIs, services, and identities beyond the firewalls.”
What does that mean? The use of the word Platform is important. The company offers a range of solutions for customers. Its core solution is its Cloud-Native Application Protection at Runtime (CNAPP), a cloud-native platform that provides end-to-end cloud and application security.
For Operant AI, this is about more than just the runtime. One of the big advantages of a CNAPP is how it integrates into a DevSecOps environment. It provides a set of pipelines and processes that harden product security. It goes beyond just testing code by adding AppSec Policy-As-Code. This ensures you can set unified security policies that stay with code from dev to deployment.
Another part of the solution is automating API Security. Operant AI maps all APIs, internal and third-party. Doing so creates a live manifest of what you are using and where. Combined with vulnerability scanning for APIs and API threat protection, it removes much of the risk API use brings. Importantly, should there be a vulnerability in an API, it can pinpoint where that API is used, enabling it to be remediated quickly.
Protecting AI assets
With organisations investing heavily in AI, Operant AI says it will protect AI assets. It claims to cover the top OWASP LLM risks, focusing on securing prompts, interaction, and data. Organisations are having to pay attention to this area.
APIs make it harder to spot and stop attacks that are exfiltrating data. Attackers are beginning to develop prompts as part of the attack. That allows them to zero in on core data faster than before. It also means that they can be sure that they get the data they want in a more focused way. They no longer have to rely on large exfiltration of data sets that they then have to work through. Instead, they can use the AI to do pre-exfiltration filtering.
If Operant AI can identify suspect prompts, it offers more than a security solution. Many organisations have little to no real prompt engineering experience. That means that using prompts in code to speed up applications is inefficient and prone to security lapses. This can be seen as improving knowledge, software engineering, and data security.
Regulators are paying ever more attention to AI and how it works. Compliance teams need tools to better understand risk, both internal and external. It will be interesting to see how Operant AI appeals to that market.
Enterprise Times: What does this mean?
Operant AI has done a lot with its initial seed money and investment. This latest Series A funding will give it a significant boost. This round of funding focuses on bringing in more staff and product development. However, will it make any early acquisitions to get key talent and speed up product development? It’s a well-trodden route, but is generally for larger businesses. Will the current investors see that as an important route?
Another question is sales growth. It has done well so far and will hope to become cash-positive quickly, but it is in a rapidly changing market. Will it seek funds to expand its sales teams and target new territories?