Startup SPLX Expands AI Security Platform with Runtime Protection Tool

Two-year-old startup SPLX continues to add capabilities to its platform for protecting organizations’ AI operations, most recently with the release of a runtime tool to secure AI application development and workflows and another feature for analyzing automated red team results.

AI Runtime Protection is needed to safeguard the growing number of AI chatbots and agents against threats like prompt injections, jailbreaks, and social engineering attacks, which hackers use to make models leak sensitive data, bypass guardrails, or generate harmful content, according to the company.

With Analyze with AI, security teams can see an analysis and summary of the results from SPLX’s Probe, the platform’s automated red teaming tool.

The introduction of AI agents into the ever-expanding AI environment only complicates the challenges enterprises and SMBs alike face when deploying AI workloads, according to SPLX co-founder and CEO Kristian Kamber.

“Agentic systems introduce a whole new class of vulnerabilities,” Kamber told MSSP Alert. “In traditional software, you worry about a bad input entering at the edge. With multi-agent AI workflows, that input can propagate inside the system, from one agent to another, escalating into what we call a chained exploit.”

AI in Security

Generative AI is proving to be a crucial cybersecurity tool for protecting organizations against cyberattacks, particularly as threat actors continue to incorporate the emerging technology in their own malicious code. And they’re only getting better at it, with Aqua Security researchers in a recent report writing about Koske, a new cryptocurrency mining malware built using AI and a large language model (LLM) that is a significant advancement in bad actors’ use of AI.

At the same time, cybercriminals also are targeting commercial AI operations, making the tools from such vendors as SPLX – formerly known as SplxAI – crucial. According to cybersecurity firm Wiz – which is being bought by Google for $32 billion – the growth in AI-powered tools gives organizations more options for protecting against threats, but the growing use of AI makes those systems attractive targets.

“Enterprises need to defend against malicious actors especially,” the Wiz researchers wrote. “No matter the use case – service operations optimization, customer service chatbots, or otherwise – all AI is susceptible to cyber attacks and other vulnerabilities.”

Holding Back on AI

The specter of such cyberthreats and the unpredictability of AI systems are leading some organizations to hold back on their AI plans, Kamber said.

“Unlike traditional software, AI tools often behave in non-deterministic ways,” he said. “That uncertainty, combined with a fast-growing attack surface, makes many organizations cautious. We’re seeing real concern around risks like hallucinations, data leakage, and prompt injection, but also deeper issues like business misalignment – such as an AI recommending a competitor – and agent unreliability.”

Continuous Monitoring is Key

A key feature of SPLX’s platform is continuous monitoring of a company’s AI environment. AI Runtime Protection falls in line with that: according to the vendor, it is designed to stop threats as they occur by filtering inputs and outputs, essentially acting as a real-time firewall for AI that secures AI deployments in production.

That includes enforcing behavioral guardrails, with near-zero latency, to ensure AI models comply with policies.

“It’s a complete shift from point-in-time assessments to continuous AI security,” Kamber said.

MSSPs Extend Platform's Reach

It’s also a platform that MSSPs and MSPs can use for their customers. As an example, the CEO noted that its partnership with global solution provider World Wide Technology (WWT) means that the SPLX platform can be brought into large-scale enterprise environments.

“MSSPs and MSPs are critical to our go-to-market strategy,” he said. “As AI adoption matures across every sector, MSSPs will be the front line, and we’re here to equip them.”

The release of AI Runtime Protection and Analyze with AI comes three months after the New York City-based SPLX unveiled Agentic Radar, an open source feature that provides greater visibility into agentic AI workflows and their vulnerabilities, according to company executives.

Signs of Success

It also comes two months after SPLX announced $7 million in seed funding that will be used to expand the capabilities of the vendor’s platform. The startup, founded in 2023, announced in September 2024 that it had raised $2 million from a trio of investors.

SPLX also said that in the second quarter this year, it saw 160% quarter-over-quarter growth and brought on five new Fortune 500 companies as customers. Kamber said the platform catches what other vendors miss and is adaptable to customers’ particular needs.

“There’s also growing executive pressure to get AI right,” he said, noting a Harris Poll survey in which 74% of senior executives worried they could lose their jobs within two years if they don’t deliver tangible AI value and 70% said peers could be replaced if AI strategies fail. “Boards are demanding ROI, and soon. That has elevated the CISO role as enablers of strategic AI adoption. As organizations push to capture value from GenAI, success increasingly depends on aligning security, governance, and business outcomes.”

The vendor’s platform will be showcased this week at Black Hat USA 2025 in Las Vegas.

Jeffrey Burt

Jeffrey Burt has been a journalist for almost 40 years, moving from general-circulation newspapers to IT news sites in 2000. He’s an expert analyst and writer on cybersecurity, data center infrastructure, AI, and a host of other subjects for a range of organizations, including CyberRisk Alliance, eWEEK, Techstrong Group, The Next Platform, and The Register.
