ngrok unveiled its JavaScript and Python SDKs, enabling developers to programmatically serve their applications and manage traffic by embedding ingress with a single line of code.
Gartner: 34% of Organizations Already Using or Implementing AI Application Security Tools
September 20, 2023
One third (34%) of organizations are either already using or implementing artificial intelligence (AI) application security tools to mitigate the accompanying risks of generative AI (GenAI), according to a new survey from Gartner, Inc.
Over half (56%) of respondents said they are also exploring such solutions.
A quarter (26%) of survey respondents said they are currently implementing or using privacy-enhancing technologies (PETs), ModelOps (25%) or model monitoring (24%).
"IT and security and risk management leaders must, in addition to implementing security tools, consider supporting an enterprise-wide strategy for AI TRiSM (trust, risk and security management)," said Avivah Litan, Distinguished VP Analyst at Gartner. "AI TRiSM manages data and process flows between users and companies who host generative AI foundation models, and must be a continuous effort, not a one-off exercise to continuously protect an organization."
IT Is Ultimately Responsible for GenAI Security
While 93% of IT and security leaders surveyed said they are at least somewhat involved in their organization's GenAI security and risk management efforts, only 24% said they own this responsibility.
Among the respondents that do not own the responsibility for GenAI security and/or risk management, 44% reported that the ultimate responsibility for GenAI security rested with IT. For 20% of respondents, their organization's governance, risk, and compliance departments owned the responsibility.
Top-of-Mind Risks
The risks associated with GenAI are significant, continuous and will constantly evolve. Survey respondents indicated that undesirable outputs and insecure code are among their top-of-mind risks when using GenAI:
■ 57% of respondents are concerned about leaked secrets in AI-generated code.
■ 58% of respondents are concerned about incorrect or biased outputs.
"Organizations that don't manage AI risk will witness their models not performing as intended and, in the worst case, can cause human or property damage," said Litan. "This will result in security failures, financial and reputational loss, and harm to individuals from incorrect, manipulated, unethical or biased outcomes. AI malperformance can also cause organizations to make poor business decisions."
Methodology: The Gartner Peer Community survey was conducted from April 1 to April 7 among 150 IT and information security leaders at organizations where GenAI or foundational models are in use, in plans for use, or being explored.
Industry News
December 06, 2023
Data Theorem introduced API Attack Path Visualization capabilities for the protection of APIs and the software supply chain.
December 05, 2023
Security Journey announced support for WCAG, SCIM and continued compliance with SOC2 Type 2, which are leading industry standards.
December 05, 2023
Vercel announced a new suite of features for its Developer Experience (DX) Platform, made for enterprise teams with large codebases.
December 04, 2023
Atlassian Corporation has completed the acquisition of Loom, a video messaging platform that helps users communicate through instantly shareable videos.
December 04, 2023
Orca Security announced that the Orca Cloud Security Platform has achieved the Amazon Web Services (AWS) Built-in Competency.
November 30, 2023
Parasoft, a global leader in automated software testing solutions, today announced complete support for MISRA C++ 2023 with the upcoming release of Parasoft C/C++test 2023.2.
November 30, 2023
Solo.io achieved the Amazon Elastic Kubernetes Service (Amazon EKS) Ready designation from Amazon Web Services (AWS).
November 29, 2023
CircleCI implemented a gen2 GPU resource class, leveraging Amazon Elastic Compute Cloud (Amazon EC2) G5 instances, offering the latest generation of NVIDIA GPUs and new images tailored for artificial intelligence/machine learning (AI/ML) workflows.
November 29, 2023
XM Cyber announced new capabilities that provide complete and continuous visibility into risks and vulnerabilities in Kubernetes environments.
November 29, 2023
PerfectScale has achieved the Amazon Elastic Kubernetes Service (Amazon EKS) Ready designation from Amazon Web Services (AWS).
November 28, 2023
BMC announced two new product innovations, BMC AMI DevX Code Insights and BMC AMI zAdviser Enterprise.
November 28, 2023
Rafay Systems announced the availability of the Rafay Cloud Automation Platform — the evolution of its Kubernetes Operations Platform — to enable platform teams to deliver automation and self-service capabilities to developers, data scientists and other cloud users.
November 28, 2023
Bitrise is integrating with Amazon Web Services (AWS) to provide compliance-conscious companies with greater access to CI/CD capabilities for mobile app development.
November 28, 2023
Armory announced a new unified declarative deployment capability for AWS Lambda.
