Knostic Brings Access Control to LLMs – Source: www.darkreading.com

Source: Deemerwha Studio via Shutterstock

Security startup Knostic is the latest company addressing the various challenges organizations face as they adopt generative AI tools. Knostic emerged from stealth with $3.3 million in pre-seed funding to bring “need to know” access controls for large language models.

Enterprises in their AI transformation journey are sprinkling AI capabilities throughout their workflow and processes to boost productivity, reduce costs, and increase efficiency, says Gadi Evron, co-founder and CEO of Knostic. Enterprises are adopting large language models to build ChatGPT-like enterprise search systems based on their own data sources, or enabling capabilities that are bundled into the applications and platforms they are already using. Data privacy is one of the biggest barriers to AI adoption, Evron says, noting that AI without controls potentially exposes the organization to increased risk, primarily by exposing information to the wrong person.

“How can we curate personalized information and actually give you value? Answer with what you need to know instead of just saying stuff,” says Evron.

Access Control for LLMs Is Necessary

With Knostic, employees can access everything they need, and receive answers that align with what they need to know in order to do their job.

For example, an organization can have a system that can answer questions such as features expected in the next product release, the latest sales numbers and revenue figures, bonus structure, due diligence results in a mergers and acquisition scenario, or the status of an infrastructure project. But everyone shouldn’t get the same answer to every question. While the CFO and CTO needs to know the quarterly sales revenue, the marketing intern probably does not, Evron notes. Knostic’s access control engine considers whether the answer is appropriate for the questioner’s role, and if it is not, answer with a “I’m sorry, that is confidential information,” Evron says. Or instead of just saying no, the system can respond that even though the answer is confidential, the marketing campaigns the intern worked on boosted sales over the quarter. That’s where personalization and curation comes in.

One thing Evron emphasizes is that access control is binary — either the person can have access or they cannot. Knostic’s focus on “need to know” makes it possible to provide some information even when the answer is no. “When we say no, we are not enabling the business,” Evron says, noting that providing information in a different format or with related context helps the business user more than just being told no.

“Once you figure out what you are allowed to know, you can solve DLP [Data Loss Prevention] and IAM [Identity Access Management,” Evron says.

What “Need to know” Looks Like

When thinking about access control, organizations need to consider factors such as whether the system is internal or public-facing, whether the data used to generate responses is sensitive or not sensitive, and the role of the person asking the questions, says Sounil Yu.

There has been a lot of discussion about how organizations need to build guardrails into AI systems to prevent abuse or providing answers that could cause harm. However, guardrails tend to be one-size-fits-all and doesn’t account for a person’s specific circumstances, Yu says. Consider how many publicly-available chatbots would not provide medical information because it is not a medical professional and should not be used for diagnostics. But if it’s a physician trying to access information as part of an investigation, that particular restriction is not helpful. Access control, unlike guardrails, take into account factors such as time, sensitive of data, and person’s role to determine how to shape the answers.

For example, the company may have a customer service chatbot that helps troubleshoot and assists in fixing common issues. That chatbot will have access to the same internal knowledgebase articles the customer service representative would have. But what happens if there is an article about a product that is not yet available on the market (say the latest iPhone)? The customer service representative needs that information so that they will be ready when the product is available, and may need it beforehand for training purposes. But there will be a lot of problems for that company if the customer learns details about the product from the chatbot before launch.

Instead of creating two systems — one for internal use and one public-facing — the company can conceivably use Knostic’s approach to provide different answers to the customer and to the customer service representative.

Company Details

Evron and Yu, have deep industry expertise. Evron was the founder of deception startup Cymmetria, and previously held roles in Citibank and PwC. Yu is the former chief security scientist at Bank of America and former CISO and head of research at JupiterOne.

Knostic, founded in 2023, has raised $3.3 million in pre-seed financing from Sheild Capital, Pitango First, DNS Ventures, Seedcamp, and several angel investors. Retired Admiral Mike Rogers, the former head of the National Security Agency, said in a statement the startup will “unlock LLMs for enterprises.”

Knostic has customers across a range of industries, including retail and financial services.

The company is also one of the top three finalists for the 2024 RSA Conference Launch Pad. At Launch Pad, founders of new (incorporated for two years or less) companies get to pitch ideas and products “on the cusp of being the next big thing” to a panel of venture capitalists. This year’s Launch Pad will be on Tuesday, May 7.