SydeLabs raises $2.5M seed to develop an intent-based firewall guard for AI

Generative AI is the new driving force of modern businesses, but the same technology has the potential to open the gate to entirely new attack vectors, risking a business and its reputation in no time. SydeLabs, a California-based startup, is solving this challenge with a real-time, intent-based firewall. The startup today raised $2.5 million in seed funding from RTP Global, Picus Capital and other angels.

While there are multiple other players in the AI security space, SydeLabs aims to distinguish from them with its comprehensive suite of solutions that helps developers stay clear of large language model (LLM) vulnerabilities, including the lesser-known ones, at all stages of the project lifecycle – from development to deployment.

The company is already working with a few organizations and plans to use the fresh capital to focus on R&D and upgrading its tech stack to stay ahead of bad actors looking to compromise generative AI systems of enterprises.

What does SydeLabs have on offer?

At the core, SydeLabs has developed three key AI-focused products: SydeBox, SydeGuard and SydeComply. The first, currently available in beta, is a self-service red-teaming solution that allows teams to stress-test their AI apps and models to find if they are susceptible to any vulnerabilities. The other two, slated to go live soon, are aimed at providing intent-based protection in real-time and highlighting/fixing the gaps in AI systems that could lead to compliance issues in different parts of the world.

“During the beta of SydeBox, we have been able to uncover various vulnerabilities like training data leaks, system prompt leaks, prompt injections, safety alignment bypasses, etc. On the other hand, our real-time intent-based protection system SydeGuard can detect and prevent prompt injections, denial of wallet attacks, data leak attempts, system prompt leaking attempts, misuse of AI systems, etc,” Ankita Kumari, who co-founded SydeBox with Patwa, told VentureBeat.

The red teaming solution uses an AI agent that crafts test attacks (based on in-house research and public data) and an LLM that detects the success of the attacks based on the response of the target system. 

Meanwhile, SydeGuard uses a combination of proprietary models that identify the intent of the end user across various Tactics, Techniques, and Procedures (TTPs). The models look at every single prompt for potential threats and give a risk score to the prompt, the user’s session and the user itself. 

However, based on this profile, it does not block out the user right away. Instead, it shares the data with enterprise security teams while giving them options to either block the prompt/user, monitor and give a standard response or send it to a honeypot to deceive the attacker with dummy data. This gives teams control over how they want to deal with a potential attack.

Kumari did not share much about the compliance-centered offering, although it appears that it would use the detection capabilities being developed to flag the gaps where a company might violating internal or external regulations.

10,000 vulnerabilities flagged within a month

As of now, SydeLabs is in the pre-revenue stage and moving swiftly to build up its offering and make money. The company launched its red teaming solution, SydeBox, on March 1, 2024, and has since seen adoption from 15+ enterprises that have detected over 10,000 vulnerabilities across 50+ applications/models. These apps/models are either live in production or still under development, Kumari confirmed.

With the seed round, the startup plans to focus on research and development and move closer to making SydeGuard and SydeComply available to customers. In the long run, it intends to offer the red teaming solution free of cost to enterprises looking to detect vulnerabilities in their application and monetize SydeGuard using a consumption-based model.

“A key aspect of the success of a cyber security product is its accuracy and ability to stay ahead of the bad actors. Hence, we lay huge emphasis on constantly upgrading our model on new attack vectors and new attack modus operandi,” the co-founder added.

The funding for the startup comes at a time when the safety and reliability of gen AI apps are under major scrutiny owing to several instances of prompt injection attacks leading to the generation of deepfakes of high-profile celebrities. Just recently, Microsoft announced a new set of Azure AI tools for detecting hallucinations and preventing attacks. Skyflow, a startup providing enterprises with a privacy vault for secure AI development, has also raised $30 million in a fresh round.

In the space of red teaming and real-time prevention, SydeLabs competes with players like Lakera and Prompt Security. However, Kumari emphasized that SydeLabs has more on offer than these players. Plus, she said, early tests show that the company’s products easily outperform all these tools in terms of accuracy and performance.