{"id":3064,"date":"2024-04-11T14:34:50","date_gmt":"2024-04-11T19:34:50","guid":{"rendered":"https:\/\/www.darkreading.com\/data-privacy\/knostic-brings-access-control-to-llms"},"modified":"2024-04-11T14:34:50","modified_gmt":"2024-04-11T19:34:50","slug":"knostic-brings-access-control-to-llms","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/04\/11\/knostic-brings-access-control-to-llms\/","title":{"rendered":"Knostic Brings Access Control to LLMs"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

Security startup Knostic is the latest company <\/span>addressing the various challenges<\/a><\/span> organizations face as they adopt generative AI tools. Knostic emerged from stealth with $3.3 million in pre-seed funding to bring \u201cneed to know\u201d access controls for large language models.<\/span><\/p>\n

Enterprises in their AI transformation journey are sprinkling AI capabilities throughout their workflow and processes to boost productivity, reduce costs, and increase efficiency, says Gadi Evron, co-founder and CEO of Knostic. Enterprises are adopting large language models to build ChatGPT-like enterprise search systems based on their own data sources, or enabling capabilities that are bundled into the applications and platforms they are already using. Data privacy is one of the biggest barriers to AI adoption, Evron says, noting that AI without controls potentially exposes the organization to increased risk, primarily by exposing information to the wrong person.<\/span><\/p>\n

\u201cHow can we curate personalized information and actually give you value? Answer with what you need to know instead of just saying stuff,\u201d says Evron.<\/span><\/p>\n

Access Control for LLMs Is Necessary<\/h2>\n

With Knostic, employees can access everything they need, and receive answers that align with what they need to know in order to do their job.<\/span><\/p>\n

For example, an organization can have a system that can answer questions such as features expected in the next product release, the latest sales numbers and revenue figures, bonus structure, due diligence results in a mergers and acquisition scenario, or the status of an infrastructure project. But everyone shouldn\u2019t get the same answer to every question. While the CFO and CTO needs to know the quarterly sales revenue, the marketing intern probably does not, Evron notes. Knostic\u2019s access control engine considers whether the answer is appropriate for the questioner\u2019s role, and if it is not, answer with a \u201cI\u2019m sorry, that is confidential information,\u201d Evron says. Or instead of just saying no, the system can respond that even though the answer is confidential, the marketing campaigns the intern worked on boosted sales over the quarter. That\u2019s where personalization and curation comes in.<\/span><\/p>\n

One thing Evron emphasizes is that access control is binary \u2014 either the person can have access or they cannot. Knostic\u2019s focus on \u201cneed to know\u201d makes it possible to provide some information even when the answer is no. \u201cWhen we say no, we are not enabling the business,\u201d Evron says, noting that providing information in a different format or with related context helps the business user more than just being told no.<\/span><\/p>\n

\u201cOnce you figure out what you are allowed to know, you can solve DLP [Data Loss Prevention] and IAM [Identity Access Management,\u201d Evron says.<\/span><\/p>\n

What \u201cNeed to know\u201d Looks Like<\/h2>\n

When thinking about access control, organizations need to consider factors such as whether the system is internal or public-facing, whether the data used to generate responses is sensitive or not sensitive, and the role of the person asking the questions, says Sounil Yu.<\/span><\/p>\n

There has been a lot of discussion about how organizations need to build guardrails into AI systems to prevent abuse or providing answers that could cause harm. However, guardrails tend to be one-size-fits-all and doesn\u2019t account for a person\u2019s specific circumstances, Yu says. Consider how many publicly-available chatbots would not provide medical information because it is not a medical professional and should not be used for diagnostics. But if it\u2019s a physician trying to access information as part of an investigation, that particular restriction is not helpful. Access control, unlike guardrails, take into account factors such as time, sensitive of data, and person\u2019s role to determine how to shape the answers.<\/span><\/p>\n

For example, the company may have a customer service chatbot that helps troubleshoot and assists in fixing common issues. That chatbot will have access to the same internal knowledgebase articles the customer service representative would have. But what happens if there is an article about a product that is not yet available on the market (say the latest iPhone)? The customer service representative needs that information so that they will be ready when the product is available, and may need it beforehand for training purposes. But there will be a lot of problems for that company if the customer learns details about the product from the chatbot before launch.<\/span><\/p>\n

Instead of creating two systems \u2014 one for internal use and one public-facing \u2014 the company can conceivably use Knostic\u2019s approach to provide different answers to the customer and to the customer service representative.<\/span><\/p>\n

Company Details<\/h2>\n

Evron and Yu, have deep industry expertise. Evron was the founder of deception startup Cymmetria, and previously held roles in Citibank and PwC. Yu is the former chief security scientist at Bank of America and former CISO and head of research at JupiterOne.<\/span><\/p>\n

Knostic, founded in 2023, has raised $3.3 million in pre-seed financing from Sheild Capital, Pitango First, DNS Ventures, Seedcamp, and several angel investors. Retired Admiral Mike Rogers, the former head of the National Security Agency, said in a statement the startup will \u201cunlock LLMs for enterprises.\u201d<\/span><\/p>\n

Knostic has customers across a range of industries, including retail and financial services.<\/span><\/p>\n

The company is also one of the top three finalists for the 2024 RSA Conference Launch Pad. At Launch Pad, founders of new (incorporated for two years or less) companies get to pitch ideas and products \u201con the cusp of being the next big thing\u201d to a panel of venture capitalists.<\/span><\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Security startup Knostic is the latest company addressing the various<\/p>\n","protected":false},"author":12,"featured_media":3065,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-3064","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?fit=2560%2C1393&ssl=1",2560,1393,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?fit=300%2C163&ssl=1",300,163,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?fit=640%2C348&ssl=1",640,348,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?fit=640%2C348&ssl=1",640,348,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?fit=1536%2C836&ssl=1",1536,836,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?fit=2048%2C1115&ssl=1",2048,1115,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?fit=1024%2C557&ssl=1",1024,557,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/knostic-brings-access-control-to-llms-scaled.jpg?fit=2560%2C1393&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3064","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=3064"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3064\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/3065"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=3064"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=3064"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=3064"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}