CFOtech Australia - Technology news for CFOs & financial decision-makers
Australia
Guides
#
cybersecurity
#
data analytics
#
data analytics
#
digital transformation
#
hybrid & remote work
Search
Story image
#
AI
#
Cybersecurity
#
Analyst report

Qualys launches TotalAI to tackle LLM cybersecurity risks

Tue, 6th Aug 2024
Author image
By Melania Watson, Interview Editor

Qualys has announced the release of Qualys TotalAI, a new solution aimed at addressing the critical risks associated with large language model (LLM) applications, including prompt injection, sensitive information disclosure, and model theft. The solution, which expands Qualys' existing enterprise security and compliance capabilities, will be showcased at Black Hat 2024.

Philip Bues, senior research manager at IDC, remarked on the importance of this development.

"As the global adoption of AI and large language models (LLMs) accelerates, outpacing governance and safety measures, it's crucial for organisations to implement robust protections," he said.

"Qualys TotalAI is focused on providing businesses with the tools they need to confidently secure their AI investments, offering comprehensive visibility and defence against emerging cyber threats."

The increasing integration of AI and LLMs into various products and solutions has significantly widened the attack surface for many organisations, creating new cybersecurity challenges. Traditional cybersecurity practices have proven insufficient in addressing these new risks. They include the potential for model theft, data leaks due to existing vulnerabilities or misconfigurations, and accidental data loss, all of which can lead to compliance issues and reputational damage resulting from inappropriate content or AI hallucinations generated by these models.

Qualys TotalAI aims to empower organisations by expanding their existing asset visibility, vulnerability detection, and remediation capabilities to cover generative AI and LLM technologies.

Specifically, the solution addresses the top 10 most critical risks for LLM applications identified by OWASP, including prompt injection, sensitive information disclosure, and model theft.

"We're only beginning to scratch the surface of AI and LLMs' potential for driving value for enterprises," stated Sumedh Thakar, president and CEO of Qualys.

"At the same time, we need to secure this burgeoning journey, so it doesn’t add new risk to the business. At Qualys, we are committed to helping our customers stay ahead of emerging cybersecurity risk. With Qualys TotalAI, enterprises can focus on growth and innovation, knowing they will stay protected from the most critical AI threats."

Qualys TotalAI brings several features to the table, allowing organisations to discover, inventory, and classify all AI and LLM assets, including GPUs, software, packages, and models. The solution helps organisations prevent model and data theft by assessing, prioritising, and remediating AI software vulnerabilities. Additionally, it aims to secure AI infrastructure by leveraging comprehensive remediation capabilities to exceed security requirements, align with service level agreements (SLAs), and meet business needs. The solution also includes tools to assess LLMs for critical attack exposures like prompt injection and sensitive information disclosure.

Qualys TotalAI will be available in the fourth quarter of 2024.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Cloudera launches new data security service amid breach surge
Tecala joins Netskope MSP Program for enhanced cloud security
Australian firms unprepared for privacy act identity security changes
SuiteWorld 2024: Annexa's successes and the future of AI in Cloud ERP
Hiding in plain sight – How attackers conceal malware in everyday web resources
Top stories
Cloudera makes waves in ANZ with hybrid data approach
Cloudera’s AI play is all about data, leveraging a decade of experience
Versent to assist in navigating mandatory climate reporting
Renowned insolvency expert Michael Makridakis joins Taylor David
Atturra completes first phase of Unitywater development portal