Cloud misconfigurations are a significant contributor to data breaches in enterprise organizations, especially as more businesses transition to cloud and multicloud environments. Addressing and monitoring all endpoints and connections with cloud services is an overwhelming task for humans alone, which leaves room for these breaches to occur. However, Gomboc.ai, a startup specializing in deterministic artificial intelligence (AI), aims to tackle this issue by offering a unique approach that bypasses the limitations of generative AI models commonly used in the industry.
Gomboc.ai’s focus on deterministic AI has earned them a spot in the finals of the second annual Startup Spotlight, hosted by Black Hat USA. The company’s CEO and co-founder, Ian Amit, states that their primary objective is to solve the problem of cloud security misconfigurations. This is a significant achievement, considering that such misconfigurations are responsible for a majority of cloud breaches that occur in organizations.
Amit emphasizes the importance of addressing security misconfiguration backlogs, which pose an immediate threat to an organization’s cloud security posture. Existing solutions that prioritize and create tickets to address these issues often lack scalability. Gomboc.ai intends to provide a scalable way to tackle these misconfigurations and enhance cloud security.
Deterministic AI, as opposed to generative AI, is characterized by its ability to produce one specific, correct solution that remains consistent regardless of the input. Unlike generative AI, which relies on statistical analysis and can generate inaccurate or imprecise code, Gomboc.ai’s deterministic AI approach ensures that the output remains accurate and secure. This is particularly crucial in writing secure code, according to Amit.
To achieve their deterministic AI capabilities, Gomboc.ai has developed a proprietary ingestion engine that processes updates from cloud service providers in real-time. This engine applies the updates to a client’s existing network policies and implements necessary fixes automatically, without the need for human intervention. The tool seamlessly integrates into DevSecOps environments, simplifying the approval process and ensuring ease of tracking.
It is important to note that deterministic AI is not exclusive to Gomboc.ai. Other companies in the security space, such as Vouched and LighthouseAI, also utilize deterministic AI technologies. However, Gomboc.ai’s specialization in the complex multicloud environment sets them apart, allowing them to effectively leverage the technology to address cloud security misconfigurations.
Looking ahead, Gomboc.ai plans to expand its capabilities to include more environments, particularly focusing on multicloud and hybrid installations. The company’s future growth hinges on its ability to adapt its technology to meet the evolving needs of organizations in various cloud setups.
The company’s name, Gomboc, has an interesting origin. It refers to a geometric solid with two equilibrium points—one stable and one unstable. No matter how the shape is pushed or rolled, it always returns to its stable equilibrium point. Amit explains that Gomboc.ai’s platform transforms cloud infrastructures into self-righting environments from a security standpoint, ensuring stability and resilience as companies grow. The math-inspired name reflects the company’s passion for mathematics and their commitment to providing robust security solutions.
Gomboc.ai’s participation in the Black Hat Startup Spotlight signifies their recognition as a promising player in the industry. The event provides a platform for the four finalists, including Gomboc.ai, to present their business models to a panel of judges. Being eligible for the competition requires companies to be less than two years old and have fewer than 50 employees. The winners will be announced in a ceremony hosted by Dark Reading’s editor-in-chief, Kelly Jackson Higgins.
As Gomboc.ai continues to develop and enhance its offerings, the company remains committed to delivering innovative solutions for securing cloud environments. Their deterministic AI technology holds great potential in mitigating the risks associated with cloud misconfigurations, ultimately safeguarding sensitive data for enterprise organizations.