NetSPI penetration testing secures AI and ML

  • August 9, 2023
  • Steve Rogerson

Minneapolis-based NetSPI has introduced AI penetration testing, a holistic approach to securing machine-learning (ML) models and large language model (LLM) implementations.

The ML and AI offering combines the company’s proven testing methodology with its deep adversarial machine-learning knowledge to help organisations build more secure models.

It focuses on two core components: identifying, analysing and remediating vulnerabilities in machine-learning systems such as large language models (LLMs); and providing grounded advice and real-world guidance to ensure security is considered from ideation through to implementation.

As adoption of ML and AI accelerates, organisations must understand the threats that accompany this technology to identify areas of weakness and build more secure models. NetSPI’s testing methodology is rooted in adversarial machine learning – the study of adversarial attacks on ML and corresponding defences. With this foundational research, the company’s offensive security experts have the knowledge to understand and mitigate vulnerabilities within ML models by putting them to the test against real adversarial attack techniques.

“Securing technologies like ML and AI can be daunting, but our customers do not have to navigate the journey alone,” said Nick Landers, vice president at NetSPI. “Innovation in this space shows no signs of stopping, and we’re excited to bring our wealth of knowledge in machine learning, cyber security and data science to help organisations navigate the emerging space with security top of mind. Our goal is not to slow innovation, but to help organisations innovate with confidence.”

The penetration testing caters to organisations seeking to enhance the robustness, trustworthiness and security of their ML systems, with a particular focus on LLMs.

During an assessment, customers can expect:

  • A dedicated partner through ideation, development, training, implementation and real-world deployment
  • Holistic and contextual security testing across their tech stack, leveraging NetSPI’s application, cloud and network security testing expertise
  • An evaluation of the model’s defences against known adversarial attack techniques and adversarial examples tailored to the customer’s system
  • Guidance on how to build a robust pipeline for development and training
  • Vulnerability reports and remediation instructions delivered via NetSPI’s PTaaS platform

“Every new paradigm shift brings along a new set of opportunities and challenges, and the widespread adoption of machine learning is no different,” said Vinay Anand, chief product officer at NetSPI. “There is no silver bullet for ML and AI security, yet securing these systems is paramount. Our new pentesting equips businesses with the knowledge, tools and best practices needed to protect their machine-learning systems from adversarial threats and improve overall resiliency to attacks.”

NetSPI is headquartered in Minneapolis, with offices across the USA, Canada, UK and India.