Bedrock Security today revealed it has added generative artificial intelligence (GenAI) capabilities along with a metadata repository based on graph technologies to its data security platform.
In addition, the company is making available Bedrock Free for Snowflake, a freemium edition of the platform hosted on the Snowflake cloud service, that in the past two years has become heavily targeted by cybercriminals.
Bedrock Security CEO Bruno Kurtic said Bedrock Security Metadata Lake makes it possible to employ graph technologies to automatically catalog all the data that exists in an IT environment, where it resides, who can access it and its level of sensitivity.
The generative AI capabilities being added include Bedrock Security Metadata Lake Copilot, to provide a natural language interface to query that data, along with a set of AI agents to automate cybersecurity workflows. AI agents can, for example, guide cybersecurity teams through a workflow that automatically gathers relevant context and suggests next steps to resolve an issue.
Collectively, those capabilities will make it simpler to curate data in a way that serves to significantly improve an organization’s data security posture management (DSPM), said Kurtic. The critical because most cybersecurity teams have little insight into the data they are expected to protect, he added.
A survey of 530 U.S. cybersecurity professionals at organizations with over 1,000 employees published today by Bedrock Security, finds 82% of cybersecurity professionals report gaps in finding and classifying organizational data across production, customer and employee data stores. Just over half (53%) of security teams lack continuous and up-to-date visibility, with most (65%) requiring days or weeks to identify and locate sensitive data assets. More than three-quarters (76%) said they cannot produce a complete data asset inventory within hours when needed, the survey finds.
Additionally, the survey finds 86% of respondents reporting their responsibilities have evolved in the past year. More than two-thirds (68%) increased their focus on infrastructure security while simultaneously taking on new data-centric responsibilities. A total of 59% added new AI data responsibilities but less than half (48%) have a high level of confidence in their ability to control sensitive data used for training models. Top challenges identified include struggling to classify sensitive data being used by AI models (79%), inability to ensure AI systems respect proper data access rights (77%), trouble tracking what data feeds their AI systems (64%) and difficulty enforcing policies on data used to train AI models (57%).
The core Bedrock Security platform takes advantage of proprietary serverless computing framework and application programming interfaces (APIs) to continuously scan and dynamically enforce policies across heterogeneous IT environments. As those environments become increasingly complex, legacy data security platforms that depend on a more static approach are not able to keep pace with the rate of change occurring, noted Kuric. The Bedrock Security platform, for example, found that 88% of respondents said an automated metadata lake would be “critical” or “very valuable” to solving their data visibility issues.
Arguably, cybersecurity has always been a data management issue, but as more organizations realize the extent to which perimeters are now easily bypassed, the need for an approach that specifically focuses on securing data, especially in the age of AI, has become more apparent. The challenge now is securing the funding for the tools and platforms needed to secure data at a much more granular level than most organizations are currently able to achieve and maintain.
