An Intellyx Brain Candy Update
When I last covered Mitigant in June 2024, I emphasized that the company’s core capability was attack emulation, going beyond traditional penetration testing to analyze what bad actors would do once they compromise a system or network.
At the time Mitigant focused on cloud security posture management. It has since added Kubernetes security posture management as well as AI services attack emulation and posture management.
Today, many vendors are offering various tools for securing AI, in particular, generative AI. Mitigant, in contrast, protects organizations from hackers looking to compromise the infrastructure underlying corporate AI efforts.
This distinction is important because it reveals parts of the enterprise attack surface that have not received adequate attention.
For examples, hackers may be conducting ‘LLM jacking’ attacks. Similar to ‘cryptojacking,’ where bad actors compromise cloud accounts to illicitly mine Bitcoin, LLM jacking is when the hacker leverages a compromised cloud account to train an illicit LLM the hacker then sells on the dark web, for example, for sex chat applications.
Bad actors can also leverage illicit LLMs running on highjacked infrastructure to extract sensitive data used to train or feed corporate LLMs.
Mitigant protects enterprises by mounting similar attacks to uncover and mitigate such vulnerabilities.
Copyright © Intellyx BV. Intellyx is an industry analysis and advisory firm focused on enterprise digital transformation. Covering every angle of enterprise IT from mainframes to artificial intelligence, our broad focus across technologies allows business executives and IT professionals to connect the dots among disruptive trends. None of the vendors mentioned in this article is an Intellyx customer. No AI was used to produce this article. To be considered for a Brain Candy article, email us at pr@intellyx.com.
