A new startup, Bold Security, has recently announced its emergence from stealth mode, boasting a notable $40 million in funding aimed at enhancing security for enterprise endpoints amidst the rapidly evolving landscape of artificial intelligence. The New York-based company plans to focus on developing AI agents that operate directly on user devices, which aligns with the increasing demands for robust security mechanisms in the age of AI.

As described by co-founder and CEO Nati Hazut, the recognition of the risks associated with AI-driven applications that function on endpoints has prompted Bold to aim at delivering real-time risk reduction, improved scalability, and alleviating privacy concerns for large enterprises. This shift is particularly significant considering the challenges posed by traditional cloud-heavy models, which fail to adequately serve the unique needs of enterprises in this new era.

“I think this piece was neglected for many years by enterprises,” Hazut stated during an interview with Information Security Media Group. “Now, because of what we see, we’re aiming at the enterprise endpoint in the age of AI.” This acknowledgment of the shifting landscape underlines a critical period wherein companies must reevaluate and enhance their security frameworks.

Small Language Models Rather Than Large Ones

As organizations increasingly integrate AI capabilities into applications that run directly on individual devices, the complexity of data interaction intensifies. Tasks such as manipulating files or interacting with AI assistants occur locally, presenting potential vulnerabilities, including data leakage and automation errors. Given that traditional security frameworks were initially designed without the needs of AI processes in mind, Bold’s approach aims to unlock the possible security solutions directly at the endpoint level.

“Now, we see how endpoints are getting stronger and better, and we see a lot of the workload going back to the endpoint,” Hazut noted. “It’s definitely getting more interesting to see what’s going on there.” In pursuit of this goal, Bold employs small language models that are minimized and retrained to operate efficiently on endpoint hardware. By focusing on a smaller model size, the company streamlines computational requirements without sacrificing performance.

Hazut elaborated on the philosophy behind Bold’s technological approach: “What we took as a challenge here with Bold is to run the AI agents locally on the devices to be able to provide a scalable solution that can also help with real-time risk reduction.” This strategy not only eliminates hidden cloud costs and third-party risks but also targets privacy issues more effectively.

Rather than deploying separate models for every function, Bold’s system utilizes a shared base layer with interchangeable upper layers designed for various tasks. This design not only ensures multi-tasking capabilities but also optimizes resource consumption. The company has set a benchmark wherein its AI tools should consume no more than a quarter of the resources typically used by non-AI competitors. Such efficient resource management is pivotal as organizations increasingly demand high performance without incurring exorbitant infrastructure costs.

“It’s not the billions of parameters and getting the privileges of an OpenAI or cloud running out there,” Hazut remarked, emphasizing the precision required in developing solutions tailored for enterprise contexts. This notion of finely-tuned AI capabilities seeks to address scalability while remaining budget-friendly for large enterprises.

Why Network Monitoring Stumbles With AI Agent Interactions

Amidst rising concerns about security, Hazut pointed out that many important activities—including file manipulation and AI agent interactions—occur directly on endpoints and frequently escape the scrutiny of traditional network monitoring tools. “We have today several desktop apps that are using certificate pinning,” he explained, highlighting the criticality of endpoint monitoring. Without adequate visibility into these interactions, firms may struggle to govern the use of applications effectively or monitor internal data access.

In light of these findings, Bold aims to create a unified endpoint platform that enhances visibility into user interactions, application behavior, and data movement. Hazut noted, “It’s not yet another agent. You replace other agents, agents that you don’t like with it,” reflecting the demand for innovation in an industry historically characterized by stagnation and minimal competition.

Ultimately, Bold Security stands on the cusp of a significant industry wave, with its founders recognizing the pivotal role that AI agents on endpoints will play in shaping future security measures. By focusing on local, streamlined solutions capable of adapting to the complex demands of modern enterprises, Bold is carving out a crucial niche in a rapidly evolving field.