Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More
As 2024 nears its conclusion, the state of play in enterprise technology is that companies of all sizes and domains are keen to leverage their data in generative AI applications that improve internal (employee-facing) or external (customer/partner-facing) processes.
However, ensuring that they do so securely is another challenge—especially for companies that don’t specialize in security. Many enterprises’ existing security solutions may also be inadequate or unprepared for the AI era and the many capabilities they want to unleash with their data piped through AI.
Enter Noma, an Israeli startup specializing in AI enterprise security. Today, it exits stealth mode with a Series A round led by $32 million Ballistic Ventures and supported by Glilot Capital Partners and Cyber Club London, as well as angels including the chief information security officers (CISOs) from companies like McDonald’s, Google DeepMind, Twitter, Atlassian, BNP Paribas, T-Mobile and Nielsen.
Noma provides a comprehensive security platform that ensures the integrity of enterprise customer’s data from the very start, before they do anything to it, all the way through to leveraging it to train and/or deploy AI models and custom applications.
The platform is already in use by several Fortune 500 companies.
Tackling security challenges in the data and AI landscape
Niv Braun, co-founder and CEO of Noma, told VentureBeat in an interview about the pressing need for targeted security in AI workflows. “
“Today’s AI and data science models face unique security risks, like prompt injection and data leakage, that simply aren’t covered by standard security tools,” he said.
These issues are becoming more common as organizations experience security incidents due to misconfigured MLOps tools and unverified open-source models.
This gap inspired Braun and his co-founder, Alon Tron, to create Noma.
“My co-founder Alon and I served together in the military, and we both saw firsthand the gap in security tools for data science and AI workflows,” Braun said. “In application security, we had tools that helped software engineers work securely, but for data teams—data scientists, engineers, and analysts—there was nothing similar. They were left unprotected.”
Both co-founders served in Israel’s elite 8200 intelligence unit. Combining expertise from their backgrounds in security and data science, they quickly a team skilled in AI and application security.
What Noma’s three-tiered platform offers
Noma’s platform is designed to safeguard every stage of AI model development and operation, incorporating security tools that cover:
- Data & AI Supply Chain Security: Ensures secure environments, pipelines, and development tools, mitigating the risk of compromised data and AI supply chains.
- AI Security Posture Management (AI-SPM): Provides a comprehensive inventory and security management solution for both first- and third-party AI models, aiming to protect assets before they enter production.
- AI Threat Detection & Response: Actively monitor AI applications to detect adversarial attacks in real time and enforce safety protocols during runtime.
Braun emphasized the consolidation that Noma’s platform offers to customers. “Our platform includes three products: data and AI supply chain security, AI security posture management, and AI runtime defense.”
But, for those that wish, each of the three domains can be applied ad-hoc, a la carte.
“A major strength of our platform is that it consolidates everything into one solution,” Braun explained. “While customers can choose just one part, most prefer the comprehensive approach.”
Braun clarified that Noma offers a choice between an all-inclusive enterprise license and a modular, product-based option, both on an annual software-as-a-service (SaaS) subscription basis. He said 95% of customers have so far chosen the integrated, all-in-one approach.
Braun’s comments suggest that the enterprise license is positioned as the most cost-effective, flexible choice for customers looking for extensive, organization-wide access to Noma’s solutions.
Maximum flexibility and ease of use
Noma’s platform is compatible with diverse environments, supporting cloud-based, SaaS, or self-hosted configurations, and installs within minutes without requiring code changes.
“Integration is easy,” said Braun. “All customers need to do is connect our platform via API, and we automatically map and scan everything in their environment.”
This frictionless setup means data science teams can implement security controls without disrupting their workflows, a feature that Noma highlights as essential in high-velocity, AI-powered development.
Kobi Samboursky, Founder and Managing Partner at Glilot Capital Partners, extolled the value of Noma’s unified approach in a press release: “AppSec evolved over decades with fragmented tools for static and dynamic analysis, open source, supply chain, and runtime. Security teams have come to realize that they need consolidated solutions. Noma is uniquely positioned to tackle this problem from the start, consolidating multiple use cases into a single platform.”
In addition, Noma can be applied by those without extensive training in security or data infrastructure.
“We engage with both data and AI teams as well as security teams, and our platform doesn’t require deep expertise in either field,” he said. “Even in cases where security teams ran POCs (proof of concepts) without data science teams involved, they found it easy to integrate and use.”
At the same time, the platform turns these subjects into digestible, easy-to-understand insights for employees working in all departments.
“The platform itself is very self-educating,” Braun noted. “It explains the basic principles of security in a way that application security teams are familiar with, but with a new ‘data and AI’ layer.”
Addressing industry wants and needs
As security and compliance become more critical in AI adoption, Noma aims to facilitate collaboration between data science and security teams.
“Our mission is to bridge the gap between data science and security teams, making it easy for both to collaborate on securing AI workflows,” Braun said.
Noma’s approach is designed to improve transparency and simplify security processes.
“We make security simple for both teams, providing clear, understandable risk information and steps for remediation,” he added. “It’s all about reducing friction and improving collaboration.”
Jake Seid, co-founder and general partner at Ballistic Ventures, emphasizes the importance of security from the outset in a statement in a press release.
“As security and compliance become more top of mind for organizations adopting AI, embedding security from the start ensures that innovation can flourish without compromise,” Seid said. “Noma’s approach gives AppSec teams full visibility and confidence while empowering data science teams to move fast and drive business value.”
Noma’s ambitions are to lead the emerging field
Noma’s entry into the market marks a significant step in securing AI-driven business operations at scale.
With the growing use of AI in critical applications, the potential for security vulnerabilities in AI workflows becomes more acute.
Noma’s platform provides a much-needed safeguard, allowing enterprises to harness AI’s potential without compromising on security.
In addition, Noma is actively contributing to AI security standards and has participated in the development of U.S. government guidelines, such as NIST SP 800-218A, through its involvement with the OWASP AI Exchange.
With $32 million in fresh funding and early traction among high-profile customers, Noma seeks to become a leader in the emerging field of data and AI lifecycle security.
Source link