September 19, 2023

Why we invested in HiddenLayer’s vision of creating safer AI application



Todd Graham

We are excited to announce that M12 has co-led, with Moore Strategic Ventures, the $50 million Series A investment into HiddenLayer, an AI application security startup. This investment will enable them to expand their team, increase go-to-market efforts, and further invest in its award-winning Machine Learning Security (MLSec) Platform.

But beyond this fantastic fundraise, here at M12 we believe in the potential and importance of their mission.

Like clockwork, every 7-10 years a new category of infrastructure emerges in IT. Think networks, servers, endpoints, cloud, and (most recently) identity. I’ve written about this previously – it never takes long for adversaries and attackers to exploit these new surfaces. As a result, the need to secure each new major class of infrastructure is never far behind broad adoption. The technology categories and metaphors we build to solve these problems are also highly consistent: log management, threat detection, compliance reporting, etc. – oftentimes it’s the same conceptual product but purpose built for the new surface, and it’s consistently been the domain of new startups (looking at you cloud security unicorns).

When it comes to the emerging domain of Artificial Intelligence (AI) and Machine Learning (ML), the story will be no different. Startups will need to step in and build solutions for the whole stack including logging, performance management, compliance, security, etc. But given we are mere months into AI’s Cambrian explosion, we are only beginning to see the new threats and attacks that AI will enable and be targeted with.

While infrastructure like public cloud had a relatively contained and manageable adoption curve – beginning with early-stage technology startups and gradually building to global enterprises – the sudden prevalence of Large Language Models (LLMs) means we must accelerate the development of our defenses. Enterprise products are getting copilots, new AI-driven solutions are being imagined, and legacy categories are getting new life with the addition of AI. Simply put AI and ML are no longer the dominion of a few well insanely well financed organizations: LLMs are everywhere and then some across industries, verticals, and geographies.

And if these advancements are to continue, corporations and users must be confident in their security and risk mitigation.

When evaluating the AI and ML security market there were several entry-points we considered for an investment. Prospective customers and users became our North Star, and this drove us to “follow the money” or rather the budget and responsibilities. There is debate among organizations about who owns Responsible AI (RAI) to ensure models are compliant and safe, but the defense and integrity of a model running in production is consistently viewed as the responsibility of the security organization. And while budgets can be thin for Data Science, most CISOs have robust budgets with existing line items that can be repurposed for new threats like attacks on models.

What first struck us about HiddenLayer was the team. They were forged in the fires of a significant ML-centric compromise that reduced the efficacy of a leading security tool to near-zero. They came to understand the attacker’s techniques and motivations, and realized others were at risk of similar compromise. And with 150,000 open-source models on Hugging Face alone, the ecosystem is target-rich.

The productized solution the company has created will sound conceptually like the defenses for other infrastructure: Machine Learning Detection and Response (MLDR). The architecture and implementation will feel at home in any security organization. The software noninvasively monitors the inputs and outputs of machine learning and artificial intelligence models, understanding appropriate activity and detecting adversarial techniques. When an attack is identified, the solution provides remediation capabilities including alerting, blocking, and misdirection (a personal favorite).

All these factors, from the product’s familiarity with security infrastructure to its proactive monitoring and responsive capabilities, underscore our reason to invest in HiddenLayer, as they contribute significantly to enhancing security in the AI era.

We look forward to leveraging the platform of Microsoft to help the team as they embark on this exciting journey.