State of AI Security
The end of November, 2022, marked the beginning of what has become the biggest boom in the cybersecurity industry. One company notably foresaw what the introduction of ChatGPT would bring. That was ProtectAI, which, according to its founder, Ian Swanson, had early access to the OpenAI Playground. ProtectAI received funding in December of 2022 and exited to Palo Alto Networks in April of this year for a reputed $650 million.
Including Protect AI there have already been eight acquisitions of AI Security startups. With 160 vendors tracked in the IT-Harvest Dashboard it is easy to predict there will be many more acquisitions. There are more AI Security companies tracked than IoT Security companies (150). We only created a category for AI Security 18 months ago.
What is an AI Security Vendor?
We have defined the AI Security category to be inclusive of “AI for security” as well as “security for AI.”
Security for AI is all of the products meant to protect AI models in their creation and use. This is where Protect AI sits. For the most part, the foundation model companies like Anthropic or OpenAI recognize their own security issues and have the expertise to address them. But implementers within the enterprise may have dozens or hundreds of projects each with their own versions of commercial and open source models. These need protecting.
Company data also needs to be protected. The Guardrail providers can be thought of as DLP for AI. In other words, they monitor either prompts or responses for PII, corporate confidential information, medical records, etc. These products generate alerts and/or block the data from escaping.
Surprisingly, AI Governance, almost matches Guardrails. Part of the reason for this was the very fast response to the rise of large language models by the EU who passed the EU AI Act in August of 2023. Beyond regulations, buyers are asking vendors to attest to their use of AI in their products and services. That will be fertile ground for AI Governence vendors.
Here is how the vendor space appears today. There are 160 stand-alone AI Security vendors. They have taken in a total of $2.15 billion. There are also older companies that are pivoting and rebranding as AI Security companies. There are many large vendors that, through acquistion or innovation, have added AI Security tools as well.
The SOC automation category is easily the most exciting to track. It has the potential for completely disrupting multiple categories such as SIEM, XDR, Security Analytics, and Operations. Every SOC Automation company I have talked to has paying enterprise customers since the beginning of this year.
There has been $660 million invested in 26 SOC Automation vendors to date. But don’t discount the boot strapped vendors like Imperum in Amsterdam which has grown organically to $1 million ARR since the launch of its “AI-driven autonomous Sec-Ops” platform in January 2024.
Here are the fastest growing SOC Automation vendors by head count.
That is not a typo for Legion Security, they just started the year at a low number. Legion deploys a browser extension that can train an agent on any repetitive task, which makes it great for SOC automation. An expert repeats the same workflow three or four times. The agent learns it. Then it can be observed on its own and finally cut loose to work in the background.
Here are the 21 vendors providing Guardrails. While SOC Automation presents an opportunity to reduce costs, increase effectiveness, and get ahead of the attackers, Guardrails address the concerns enterprises and school systems have that AI will be abused. It provides a control layer, often itself powered by AI.
A total of $220 million has been invested in Guardrails to date. Note that Prompt Security was already acquired by SentinelOne on August 5 for an estimated $250 million.
M&A
Speaking of acquisitions there have been eleven twelve of AI Security startups so far, representing a total value of $2.78 billion. Five in the first half of September alone!
The land grab is on and there are still some very large companies on the sidelines without a great AI story. Splunk comes to mind after seeing their messaging at Black Hat in August where the call to action was “Build Your Dream SOC.” Never has a marketing team misread the room so badly. It reminds me of the days of Big Iron. The days of building bigger and bigger data lakes with propriatary formatting and specialized retrieval languages are gone. Send all of your logs to S3 buckets and let the AI figure it out. Splunk has to become relevent quickly in the new SOC Automation space by acquiring one of the 26 players. Don’t be surprised if they pay over $1 billion.
Watch the webinar I recorded to go along with this post.
Edits to number of acquisitions as readers provide more information. Thanks!
This is very helpful. Thanks for compiling this. There’s also a bunch of security companies now getting into the dev productivity space truly unifying devsecops
Nicely done, Richard!