Genealogy of Cybersecurity - Startup Podcast

Ep 6. RSAC Innovation Sandbox 2023 Emerging Trends: AI and Automation Attack Surfaces

May 29, 2023 Paul Shomo Season 1 Episode 6

Paul Shomo’s 7th annual coverage of the RSAC’s startup competition, Innovation Sandbox, is out in DarkReading. In this episode, Paul recaps the show, tells you things you didn’t know about the finalists, some private thoughts from the judges, and highlights a very interesting trend in 2023: automation, ML and software-building tools are creating dangerous attack surfaces, that preoccupy 8 or 9 of this year’s 10 finalists.

Paul discusses Hugh Thompson and Paul Kocher’s quirky humor, how the judges felt about Zama pivoting from broad use of homomorphic encryption to a blockchain focus, and whether the judges meant to make a statement by choosing mostly startups which secure applications built by developers, data scientists or non-technical software builders, as opposed to cybersecurity’s traditional role in defending off-the-shelf software and hardware.

We are entering the 4th industrial revolution of AI and automation, hear how HiddenLayer and Zama secure ML systems. How Pangea, EndorLabs, Relyance AI, and Dazz ensure your software developers are writing secure code. And explore this new world of non-technical business users building API and SaaS integrations with orchestration, generative AI, and how Valence Security and Astrix secure them.

Finally take a look at SafeBase which enables the 3rd party risk process of SBOMs and questionnaires, and AnChain whose Web3 SOC secures blockchain contracts.

Send feedback to host Paul Shomo on Twitter @ShomoBits or connect on LinkedIn.com/in/paulshomo.

All right, let's get to Innovation Sandbox here. So if you're reading my Dark Reading article, we're going to talk about some of the trends. I just want to mention right up front how much I enjoy the staff and host Hugh Thompson, who is not just the host, there for jokes and to be the good cop against Paul Kocher's Simon Cowell bad cop routine, but, you know, Hugh Thompson is a notable venture capitalist in his own right, and everyone from the host to the judges' panel and the questions in the Q&A is so smart, so educated. You learn so much and it's just a lot of fun. It's really well produced. So I enjoyed it so much. And this year was a really fun year.

HiddenLayer, obviously, won for a very timely product that protects machine learning systems from adversarial AI attacks. Apparently, well, if you listen to the episode we had with them a few back, I had on their CEO and founder Chris Sestito, and he talked about Cylance. They had that breach back in 2019 that attacked their machine learning systems and attempted to damage and steal their intellectual property, and apparently that had such a big impact on folks at Cylance that they either went off to MITRE and worked on MITRE ATLAS, which is the new MITRE ATT&CK style framework but for adversarial AI attacks on machine learning systems, or they went out and worked on the solution like Chris and his crew did with HiddenLayer, and it is just full of folks from Cylance around that time. So congratulations to them. Great win.
But to tell you the truth, for me, I love watching the winner and listening to them and getting to see them beat the competition, but for me, everyone there is a winner, and I'm most interested in the trends that emerge as you go across ten different finalists that were picked by such an experienced and knowledgeable set of judges, who represent very well the community of venture capitalists and private equity and of course typically have people that are product visionaries and leaders for big companies, whether it be, you know, I guess typically Check Point's Dorit Dor, who wasn't there this year, but they'll typically have folks like that as well.

So let's see. One of the interesting things that I think I took away from this is, if you think of traditional cybersecurity, traditional cybersecurity has been focusing on employees, on securing the technical interactions that employees have with IT infrastructure, IT assets, which means employees using off-the-shelf IT hardware and software, right? That was always a given, right? They buy software, they buy hardware, they're using it, it gets attacked by malware. There's vulnerabilities. Sure. But this year, what's so surprising is almost all of 2023's finalists centered around securing brand new attack surfaces that arise from the building of applications, machine learning systems and API integrations. Not using off-the-shelf software and hardware, you know, we're not securing the activities employees are doing with off-the-shelf software and hardware. But we're looking at securing attack surfaces created as these customers are building their own applications, machine learning systems, and API integrations. That's pretty surprising, that pretty much almost all, I think it was 8 out of ten, fall into this category of what I would call software building. And I'm saying software building as a phrase.
It's not really been a technical buzzword, but frankly, there isn't a technical buzzword broad enough for what I'm talking about here. Let's go over it and see what I'm talking about. So obviously, we know that there's been a rise of DevOps. Every company in the last, who, I don't know, what has it been, 6 or 7 years, something like that, has recently become a software company, right? They hire loads of developers. I think there was a stat that 24 million software developers are coming in the next year, or it will be up to that amount, across a million companies globally, was a stat that I think Pangea said on stage. Also, obviously, data scientists and machine learning engineers are producing AI/ML as a core business activity for even run-of-the-mill businesses. And of course, when I talk about DevOps and about software developers and data scientists, we're talking about the technical side of building software.

But what's amazing about this automation era, and why I have to use a broad phrase of software building, not programming, but software building, is that non-developers are building software too, and there's a bunch of these finalists that really highlight that. Example: orchestration. Just to give you some background here, orchestration has been a big automation buzzword for years. The premise of these orchestration products, whether it's IT orchestration or security orchestration, is that lots of your existing products that you've already purchased already expose APIs that you can use to task them to do things. So you can automate them. With an orchestration platform, theoretically a non-developer, if they have one of the new orchestration platforms, and they call them the no-code platforms, theoretically, without writing code, they can just drag the API calls of all the other software they have into these visual workflow diagrams. They create playbooks, and then they can run these playbooks to automate.
Now, the users of orchestration don't need to be software developers, again, because they're just dragging and dropping into these visual workflows. Behind the scenes, the workflow engine is creating code that's connecting together these APIs and automating behind the playbook. That's a form of a non-developer building automation. ChatGPT is another one, generative AI, which is suddenly, I don't know if you would call it going mainstream because it's picking up so quick now, but ChatGPT is another thing that is building software. And not a lot of people talk about this as much as they should. But ChatGPT can write essays, of course. We know that. It can write tweets for you. You can ask it things in plain English to do that, but you can also ask it, as some of my upcoming episode founders, for I think Valence Security and Astrix, focused on APIs and SaaS integrations, talked a good bit about generative AI, and the fact that you can ask it to write an integration between your SaaS apps. You can ask it to pull down data from one of the APIs from one of your SaaS applications. And that's pretty scary, that you have employees, not programmers, not data scientists, that are able to build basically an integration, an API integration application, just with plain English, that is potentially mining or moving around your sensitive data. Software builder, right? I need to use a term that broad because of generative AI. It suddenly became that.

I guess this is part of what people are seeing as the automation era, the fourth industrial revolution. If you buy into the hype, steam engines were the first industrial revolution, the PC was the second, the Internet and e-commerce was the third, and if you buy the hype, AI and automation is the fourth. And it's increasingly seeming reasonable to say that.
Now, what I want to point out is what we saw here today with these finalists was broader than what we had seen in the past, where technology has tried to secure the software supply chain. It's bigger than shifting left into code. It's really focusing on the software builders, focusing on this era of automation, is what these startups here at Innovation Sandbox did, under the assumption that building automation is a standard part of what even business users do. And that's what a lot of these security companies are doing: looking at what attack surfaces these software builders produce and how can we rein them in.

Now, some people ask me, because obviously I'm writing up an article of trends, and as I've hopefully been documenting over the years and this podcast will document, the trends in Innovation Sandbox are going to hit the rest of the industry on a multiyear delay. But some people have asked, you know, certain years of Innovation Sandbox, it almost seems like the judges are making a statement. As an example, I think it was 2020. Yeah, it was 2020 was the year of the ransomware wars. And they were so focused on cloud native applications that they didn't really have a malware detection finalist, which some people in the media were really shocked about. So I kind of wrote an article about that. But I think what I'm always trying to explain, even if there's some controversy in who the judges pick and whether the judges are signaling a trend, the judges are absolutely not trying to make a statement by doing something controversial, or they're not trying to usher in the era of software builders in the fourth industrial revolution this year. They're basically going through hundreds of the top startup submissions and picking the best ten.
But that said, even though, and I did talk to the judges about this, and it absolutely was not premeditated that they picked 8 out of ten of these finalists to secure people building software instead of using off-the-shelf IT software and hardware. But in actual fact, what they're doing is, of course, they're looking at the best startups and what would be the biggest demand for new products and who are producing those. And there's something interesting about startups that they talk about a lot, and venture capitalists on the show will, is that when there's a new attack surface, when there's a new part of the IT infrastructure or new business practice that exposes such a new attack surface to attack, these are attack surfaces that are undefended; customers will scramble to defend them. And they'll throw money at relatively immature software from startups because they've got to have something. So I think probably the trend and the reason why it came out the way it did is that, yeah, we're beginning the automation era. There's so many of these open attack surfaces from software builders. And that just happened to be the best ten submissions that the judges put through. And that is meaningful in and of itself.

So let's actually go through them. So obviously there's three big attack surfaces, or categories of attack surface, coming from the software building. The first is going to be AI and ML. And obviously HiddenLayer, the winner, was part of that. But let's talk about the next startup that fell into that. So OpenAI has tempted many; many people want to gain insights and automation from third party AI providers like OpenAI and ChatGPT. We want to leverage these large language models. But who wants to actually share their sensitive data with them?
And so the promise of homomorphic encryption is, what if there's this crazy cryptographic trick, some, you know, thing where you can expose all of your sensitive data to something like ChatGPT, but you're actually not exposing the sensitive data, you're exposing encrypted forms of it. So you don't give up your secrets. Yet somehow this third party AI software is able to do its work, even though you're just giving it encrypted ciphertext, and still it's able to give you back the right answers without ever seeing your private data. Well, this is what fully homomorphic encryption promises. It's a technology that people in AI and the cryptography world have been working on for a while, and of course enter Zama this year, which is the finalist, the most recent finalist we've seen in Innovation Sandbox working on this Holy Grail of AI privacy and cryptography. And Zama's fully homomorphic encryption targets, again, specifically application developers who are developing applications where they want to share their data with third party AI solutions.

And so just to give you a little more information here on fully homomorphic encryption, essentially what it shares is a structured ciphertext that the third party gets, and somehow the magic is, even though with this structured ciphertext, the encrypted ciphertext, you can't see the sensitive data, there are certain neural networks or algorithms that are compatible with fully homomorphic encryption. They can run against it, and then the answers in this structured ciphertext can be brought back, decrypted, and during that decryption the magic happens and it all lines up, and you get answers, insights into your data, without ever exposing it, right? That's the secret. Now, the reason why this super powerful tech isn't already widely used, because clearly there would be demand for it.
We'd all be using ChatGPT through some fully homomorphic encryption protection layer. The reason why is because no one's really pulled it off, because it's a real performance dog. And Zama, they have a twist. Their secret sauce, their 11 herbs and spices, is essentially a quantization technique, is what they call it. They're just holding data in integers. And for those who did some work in computer science or computer engineering, if you remember what it looks like to do math on integers, how many machine instructions it takes, it's way faster than floating points, which hold decimals. So integers over decimals are a huge performance optimization. So even though they are taking this quantization technique and maybe delivering the Holy Grail of AI, they're not there yet. Their founder basically admitted on stage that until cloud computing speeds up, homomorphic encryption isn't fast enough for 80% of AI applications. He had a big, you can see it in the video, it's a big video that kind of shows, you know, the growth of cloud computing. We're used to seeing Moore's Law, this exponential curve. It looks like that. And then he has a line on 2025 and basically says until 2025 cloud computing is not fast enough for homomorphic. But in the immediate time before 2025, they're going to pivot to focus on blockchain, because there is a market there for using this technology for blockchain, which obviously has had a lot of security issues recently. So I don't know if the judges knew this when they picked them as a finalist, because it seemed to raise some eyebrows, but I think everyone feels like the demand for homomorphic encryption isn't going anywhere. And maybe they'll have some nice mature tech for when cloud computing kicks into the proper range of performance levels in 2025, and maybe they're the company that takes off. So that was Zama and homomorphic encryption.
Let's go into the broader, besides Zama and HiddenLayer, which are really focusing on AI, handling attacks or handling the attack surfaces produced by AI. The second big area, the second big trend that I would say comes out of this, again under the broad "let's help out the software builders," is that the shift left movement kind of got left behind this year at Innovation Sandbox. And shift left, of course, is shifting left into code. It's generating these reports from analyzing developer code and telling the developers, here's all your vulnerabilities, go fix these. Well, every year for the last, I don't know how many years at Innovation Sandbox, the joke amongst the judges was, why can't anyone ever make developers fix their code? And you could see kind of a sigh as the shift left movement kind of unfolded here as a pre-trend over the years. But this year there's a distinct break with shift left.

Instead, actually Pangea took second place, and their founder came out of the orchestration phenom Phantom, which Splunk bought, of course. And their founder, he was on an episode, I think it was a couple of months ago, Oliver Friedrichs, but he has a nifty little phrase, shift left of left, which means don't shift left into the code, shift left of that, to the developer. And Pangea and a number of others of these, I think, could fall into that category. And Pangea essentially, instead of picking on the developer's code, enables the developer to build secure code in the first place. It provides already working security functionality that can be built into applications with one-line API integrations. So it really helps the developer build code. It's the kind of startup you really could see at Google I/O or some kind of developer conference. It's really quite different than the code analysis scanners that we've seen in the past few years.
It's actually a very interesting proposition, because instead of having the arguments between DevOps and the developers, it just helps out the developers and gets them to build stuff that works in the first place. I like it. And then, let's see, the next one, also similar, you could call it shift left of left to enable developers, comes in the form of Endor Labs, which is, you know, there's this new category, software composition analysis, which helps you understand what your software, your app, is composed of, because you could be including things indirectly, all kinds of open-source libraries that lead to things like Log4j, etc. But Endor Labs is interesting because it comes from veteran founder Varun Badhwar, who started the cloud security posture management space with RedLock years ago. He was a finalist in 2017 in Innovation Sandbox. And that of course got bought by Palo Alto Networks and became Prisma Cloud. And this Endor Labs, this open-source software composition analysis startup that appeared this year in 2023, is actually Varun's third ISB finalist. I think that's the record. So Endor Labs, of course, is going to be on an upcoming episode. I'm actually going to have Varun on to talk about being a founder and about innovation and RedLock as well.

But at any rate, Endor Labs targets the open-source side of this problem. Open-source libraries are everywhere, and as Endor Labs tells it, there's even foundational Internet code maintained by single part-time developers, even folks who serve time in prison. Like, we think of open-source as this giant hive mind of Google developers that are doing a better job than a lot of other vendors could, but that's not all of the open-source code libraries out there. There's some of them that are pretty sketchy in terms of reliability. At any rate, they help developers choose and manage risk as they choose, and understand what they're choosing in terms of open-source libraries.
And so again, it does have that shift left of left feel, where it is enabling developers in the first place instead of critiquing them afterwards. And then there's another one here, Relyance AI. This is a very interesting one; there's an episode with them coming up as well that they're going to be on. Relyance AI enforces privacy by asserting compliance against a company's custom code development. And so what that means is you essentially have compliance agreements, contracts, legalities, all these things from the legal side, from the compliance side. And then you have software developers writing lots of custom code. And software developers are moving around data, and the term data flow is typically used. There's a lot of data flows being created in your custom software, done by DevOps, as a customer. And you may be doing things that are violating the law, that are violating your privacy agreements. And so you can buy Relyance AI's product, and they have some advanced intelligence that they built up. It's actually a little shocking how smart their product is, how smart their AI is. Essentially what they're touting is that their AI can understand the privacy clauses in the compliance documents. And it doesn't just understand that. It understands the code that your customers' DevOps people are writing. And it can basically take these privacy requirements and say, hey, this code you just wrote violated it. So, you know, it's some advanced use of natural language processing. Let's put it this way: it's very ambitious. I pushed back on the founder a little bit, like, how are you doing something this advanced? How well does it work? That kind of stuff. And time will tell.
And it doesn't make sense for us to pooh-pooh stuff like this, not in the era of generative AI, but it does make sense for us to just have a skeptical attitude about it, well, a curious but skeptical attitude. And they have a really interesting crew over there. As their founders say, the cofounder trend has taken off this year, a lot of cofounders, or I'm sorry, co-CEOs, and they have a compiler nerd, a self-proclaimed compiler nerd, and a compliance nerd teaming up to run that company. So that's a very interesting one.

And then, of course, also in this shift left of left area of, you know, this new take on DevSecOps, how to secure that custom code that everybody is writing at their organizations, we have the final one related to this trend, which is Dazz. And Dazz focuses on orchestrating remediation across the sprawling software development life cycle. You know, as they put it, there's a diverse set of what they call code-to-cloud personnel that essentially are developing applications. So, you know, in the end customer, their DevOps people are writing code and then pushing it straight up into their cloud, into their platform as a service, on these continuous integration and continuous development pipelines. So if you can imagine all the different software developers, where do they run their code, where do they deploy it up in your cloud, if you're in charge of cloud security? And so you have to keep track of all these CI/CD pipelines, of where these custom apps and custom code are being pushed up. And this is something to really think about too. If you're the cloud security person, all these developers, they're pushing up their own container images, they're maintaining their own container images. What version of container? I mean, essentially they're an IT department of one. In terms of change management, vulnerability management, it's like having a fractured, everybody's-their-own IT department.
They're not just putting up custom code with vulnerabilities, but who knows what's going on with the container images, who knows what libraries or artifacts they're building in. So it's a pretty scary environment these days, the decentralization of IT and everyone becoming an admin and becoming a software developer or software builder. It's a scary time. And it helps you, once you know you have a vulnerability: it auto-maps all these CI/CD pipelines, and then it orchestrates remediating a code vulnerability across this sprawling set of departments and actors, which is pretty daunting if you're supposed to take care of this. The founder talked about the difficulty getting on the phone and trying to figure out who to contact to handle a vulnerability, that a lot of their customers are going through. So very interesting takes this year on application security. Honestly, I think shift left of left really kind of summarizes it: it's going earlier in the chain for a lot of these. You know, not after-the-fact scans and critiquing of code; it's a lot more tightly integrated with developers and helping out developers.

And finally, one of the most interesting, in my opinion, one of the most interesting aspects or threats to the supply chain that I hadn't really thought about before. Astrix Security and Valence come forward with some new scary descriptions of attack surfaces that are being produced by API integrations, deep in your software supply chain, or your SaaS supply chain; we're still trying to get the words straight for this. That's one of the funky things about being in the early growth startup stage: you have older players that use "software supply chain" a certain way, and some of these startups would like to use it a little differently, and there's a little turf war over these words, but let's go into what's going on here in more detail.
So essentially what Astrix and Valence Security are going to explain to you is that one of the most important supply chain issues that no one is talking about are the back end API integrations. So hidden data can flow between commercial SaaS vendors. And it can flow between the commercial SaaS vendors that you own, because your business users are building shadow integrations. They're doing it because they're using orchestration platforms. They're doing it because, you know, maybe they log in and one SaaS app says, oh, let me access your data in Gmail or your social media or your calendar, and since essentially the business users are administering your SaaS app, they're saying yes. And that creates an integration or a data flow between those multiple SaaS applications. You know, like I said, orchestration platforms could be, if they're automating between them, but generative AI is even a thing too, even without coding skills. Like I said before, there are business users, non-technical business users, asking, apparently, I've not tried it myself, but as the founders of some of these startups have mentioned, you can ask ChatGPT to code up an integration between a couple of your business SaaS tools and pull data from one and move it into the other. So it's scary stuff.

And when these integrations are done, these integrations are running. You can maybe call it an integration app that's running, and it authenticates to these APIs to move the data back and forth. What this integration app is running and automating as is an interesting topic, because they're starting to call these non-human identities, because it's not a human. The integration app is not a human, right? And Astrix Security is the first of these to talk about it; Astrix Security in particular hypes the fact that there are so many non-humans, non-human identities.
They're actually counting 45 times as many non-human identities, which are just basically running integration apps that are calling APIs and accessing your data and authenticating. And so they're trying to rein in these non-human identities, and they focus on mapping the web of API-to-API shadow integrations between all your different APIs and SaaS apps, and your homegrown apps as well that expose APIs, and they're monitoring these API-to-API integrations and activity, trying to rein these in. And their product creates a nice little picture of a web of these, which is pretty frightening. Pretty funny when you see the web and you realize that perhaps sensitive data is going back and forth, and you realize that, you know, if Astrix's numbers are true, when you look at that web, there's 45x more identities bouncing back and forth between this web accessing your data than there are actual human employees.

All right, let's move on to the next one in this broad category of API-to-API integrations threatening the software supply chain, for this web of APIs. Valence Security maps the SaaS mesh, which is very similar: SaaS integrations in the back end. They handle misconfigurations and they remediate these SaaS integrations, these shadow integrations. They don't just remediate them. They actually have a nifty little education step, because obviously there's a non-technical business user creating data integrations, creating data moves between your SaaS apps that you don't want, because we're in this decentralized IT world and business users essentially end up as SaaS admins. That's the world we live in. And that's what Valence Security is focused on: this surrounding attack surface of this API-to-API web. And so Valence Security provides visibility when things like Salesforce are connected into sales opportunity repositories, or when Calendly is integrated into private mailboxes. Those are some examples they gave.
So we are going to have Valence Security and Astrix Security on, and their founders. We're going to dig into these in depth on future episodes. So those are my three big trends. Well, the overarching trend is software builders, right? We're in the automation era. Software builders, AI builders, traditional DevOps software builders, and non-technical people that are building AI and API integrations. That's the overarching trend in this automation era: they're creating a lot of new attack surfaces, and ten finalists created products to defend these attack surfaces. And of course, under this broad heading, it's, you know, again, attack surfaces around machine learning and AI with HiddenLayer and Zama. Attack surfaces around DevOps, and new takes on shifting left and shifting left of left, would be the second trend. And the third trend, of course, is, you know, we've got to handle this API integration issue that is threatening the software supply chain. The SaaS mesh and the API web of shadow integrations is a big problem. Those would be the three trends, the three new major attack surfaces.

And then you have a couple stragglers. There's always a couple finalists that don't fall into clean trends or don't group with others. SafeBase, they make a secure role-based trust center that allows a vendor's salespeople and a vendor's customers to come together and share supply chain information. So a lot of times you'll reach out to your vendors and say, hey, I need to know, I want an SBOM. I want to know the components of the software I just bought. I have questionnaires for you so I can manage risk. Well, that's what SafeBase is. A secure role-based trust center enables that communication between the customer and the salespeople. Very solid approach to a key business problem. And then, of course, AnChain is Innovation Sandbox's first ever Web3 native company, which is pretty cool.
Obviously for all the Web3 natives or the Web3 geeks and the blockchain folks, it's nice to finally see a startup here after all these years, and AnChain has a Web3 SOC product. It's essentially, if you work at a Web3 native company, you have the SOC product. It runs your SOC and you can monitor, detect, respond, and investigate blockchain smart contracts. Which, of course, the smart contract consists of code on the blockchain. So there you go, another attack surface from code, the blockchain smart contracts. So again, just to recap, it's about the software builders and all the crazy attack surfaces that automation is creating. That's what all these ten finalists are securing. It was a very interesting year. I learned a lot. I had a lot of fun, and I hope you did too.