High-Level Overview
Prompt Security is an enterprise AI security platform that protects organizations from risks associated with generative AI (GenAI) tools, including shadow AI usage, data leaks, prompt injections, and vulnerabilities in homegrown LLM apps.[2][4] It serves enterprises by providing real-time visibility, policy enforcement, and risk mitigation across browsers, desktop apps, APIs, and custom AI workflows, supporting major LLMs like those from OpenAI, Anthropic, Google, and self-hosted models.[1][3] The platform solves the problem of uncontrolled AI adoption—such as employees using unsanctioned tools like ChatGPT or Cursor—which exposes sensitive data and invites regulatory scrutiny, while enabling secure integration of AI code assistants and agentic AI.[2][4] Growth momentum includes emerging from stealth in early 2024 with $5M seed funding, followed by an $18M round for $23M total, new features like authorization controls, and recognition as a CRN 2025 Stellar Startup in Security before its acquisition by SentinelOne.[1][5][6][7]
Origin Story
Prompt Security was founded in August 2023 by Itamar Golan and Lior Levy, cybersecurity veterans with deep AI expertise.[1][2] Golan spent 15 years at the intersection of AI and security, including roles at the IDF, Check Point, and Orca Security; since 2017, he has focused on deep neural networks and LLMs, contributing to the OWASP Top 10 for LLM Apps.[2] Levy brings 25+ years of experience from the same organizations, holding over 25 patents in areas like WAFs, DLP, and browser extensions, with a track record of scaling solutions to millions of users.[2] The idea emerged from recognizing a new attack surface in GenAI applications, as Golan noted in a blog post about vulnerabilities in GPT-like tools.[1] Early traction came swiftly: the company emerged from stealth in January 2024 with $5M seed funding led by Hetz Ventures (plus Four Rivers and angels like CISOs from Airbnb, Elastic, and Dolby), securing initial customers and expanding to $23M total funding by November 2024 from investors including Jump Capital, Ridge Ventures, Okta, and F5.[1][6]
Core Differentiators
Prompt Security stands out in the crowded AI security market through its comprehensive, one-stop platform. Key strengths include:
- Real-time visibility and coverage: Lightweight agents and browser extensions discover sanctioned and shadow AI across browsers, IDEs, terminals, APIs, and 13,000+ MCP servers; the platform captures every prompt/response for searchable logs and compliance.[3][4]
- Model-agnostic and seamless deployment: Supports all major LLMs (OpenAI, Mistral, Meta Llama, Microsoft Copilot) with minutes-long setup via SDK, extensions, SaaS, or on-premises; low latency, minimal false positives.[1][3]
- Advanced enforcement: Blocks prompt injections, data leaks, and toxic content; features like MCP Gateway for dynamic risk scoring, redaction, and identity-based authorization integrated with Okta/Microsoft Entra.[3][6]
- Broad applicability: Secures employee tools, homegrown apps, AI code assistants (e.g., GitHub Copilot), and agentic AI; includes open-source tools like Prompt Fuzzer for vulnerability assessment.[4][7]
Role in the Broader Tech Landscape
Prompt Security rides the explosive wave of GenAI adoption, where rapid productivity gains from tools like ChatGPT and Claude create massive security gaps via shadow IT and data exfiltration risks.[1][2] Timing is critical amid rising regulatory demands for AI governance and a "land rush" of enterprise AI integration, amplifying vulnerabilities in LLMs.[1][2] Market forces favoring it include escalating cyber threats to AI (e.g., prompt injections, oversharing), the shift to agentic AI with autonomous tasks via MCP, and enterprises needing non-intrusive controls without slowing innovation.[3][4][6] By providing endpoint-to-app protection complementary to platforms like SentinelOne's Singularity, it influences the ecosystem through acquisition integration, open-source contributions, and standards work (e.g., OWASP), accelerating secure AI scaling.[3][5]
Quick Take & Future Outlook
Post-acquisition by SentinelOne, Prompt Security's tech will embed deeper into enterprise endpoints, enhancing GenAI DLP and creating a "unique integrated layer" for AI security no competitor matches.[3][5] Expect expansions in agentic AI safeguards, MCP risk tools, and hybrid cloud/on-prem features amid trends like multimodal LLMs and stricter global regulations.[4][6] Its influence will grow via SentinelOne's scale, shaping how firms balance AI speed with zero-trust security—turning GenAI from risk to fortified asset, much like early DLP did for data.[3]