Prompt Security's Itamar Golan: AI security must be a category, not a feature
When generative AI started surfacing in corporate tools, most vendors framed the issue as a looming threat. Over time, the conversation has moved beyond alarm bells to concrete defenses. Prompt Security’s co‑founder Itamar Golan argues that the industry’s response must evolve from a single‑point fix to a defined market segment.
Executives now confront an expanding “AI sprawl” that stretches across chatbots, code assistants and data‑generation pipelines. Chief information security officers are no longer satisfied with basic URL blocks or ad‑hoc policies; they need a framework that treats AI risk as a core security discipline rather than an add‑on. That shift in mindset sets the stage for Golan’s observation that the dialogue has turned from “this is happening” to actionable guidance on staying ahead.
As the market matured, our messaging shifted from “this is happening” to “here’s how you stay ahead.” CISOs now fully recognize the scale of AI sprawl and know that simple URL filtering or basic controls won’t suffice. Instead of debating the problem, they’re looking for a way to enable safe AI use.
As the market matured, our messaging shifted from "this is happening" to "here's how you stay ahead." CISOs now fully recognize the scale of AI sprawl and know that simple URL filtering or basic controls won't suffice. Instead of debating the problem, they're looking for a way to enable safe AI use without the operational burden of tracking every new tool, site, copilot, or AI agent employees discover. By the time of the acquisition, our positioning centered on being the safe enabler: a solution that delivers visibility, protection, and governance at the speed of AI innovation. Our research shows that enterprises are struggling to get approvals from senior management to deploy GenAI security tools.
Is AI security just another checkbox? Golan says no. The Prompt Security CEO argues that protecting generative AI must be treated as a distinct category, not a feature tacked onto existing tools.
Shadow AI sprawl has grown beyond the reach of simple URL filters. A real‑world breach, which he described only briefly, made clear that basic controls are insufficient. As the market matured, the company's messaging shifted from “this is happening” to “here’s how you stay ahead.” CISOs now acknowledge the scale of AI sprawl and are no longer debating the problem; they want practical ways to enable safe AI use.
Prompt Security is positioning its platform as a market‑leading solution rather than a collection of add‑ons. Whether organizations will adopt a category‑first approach remains uncertain, but the company’s focus on a dedicated platform reflects a clear strategic choice. The interview leaves open the question of how quickly the broader security community will align around this perspective.
Further Reading
- A New Chapter for AI and Cybersecurity - SentinelOne Acquires Prompt Security - SentinelOne Blog
- Prompt Security Named as a 2025 Gartner Cool Vendor in AI Security - Prompt Security Blog
- SentinelOne's Strategic Acquisition and the Rise of Runtime AI - SecurityBuzz
- Prompt Security + SentinelOne: A New Chapter Begins - Prompt Security Blog
- What Is AI Security? Risks, Challenges, and How to Stay Ahead - Prompt Security Blog
More in Business & Startups
Microsoft CoreAI engineers warn autonomous agents may replace junior tasks
Microsoft’s CoreAI team is quietly wrestling with a dilemma that could reshape entry‑level...
Translate AI Skills into Real Impact to Move From Replaceable to Indispensable
In the rush to add AI tools to a résumé, many professionals stop at the tutorial stage.
ChatGPT lists Garmin Vivoactive 5, Fitbit Versa 4, Pixel Watch 3, Ticwatch Pro 5
When I asked ChatGPT to narrow down a smartwatch purchase, the bot produced a concise shortlist of...
White House launches Genesis Mission to unite supercomputers, data in AI platform
The White House has rolled out a new effort called the Genesis Mission, a federal push to stitch...
Microsoft launches Fara-7B, an agentic Qwen model that solves tasks in ~16 steps
Microsoft rolled out Fara‑7B this week, branding it as an “agentic” model designed to handle...
Common Questions Answered
What does Itamar Golan mean by treating AI security as a distinct category rather than a feature?
Golan argues that protecting generative AI requires its own dedicated market segment, with specialized solutions, instead of being tacked onto existing security products. This approach ensures comprehensive coverage of AI‑specific risks such as prompt injection and model manipulation, which generic tools often miss.
How has Prompt Security's messaging evolved as the market for generative AI matured?
Initially, Prompt Security warned that AI threats were imminent, but as adoption grew, the company shifted to offering concrete ways to stay ahead of the risk. Their current positioning emphasizes proactive, scalable defenses that let organizations use AI safely without constant manual oversight.
Why are simple URL filtering and basic controls insufficient for managing AI sprawl, according to the article?
AI sprawl now includes chatbots, code assistants, and data‑generation pipelines that operate beyond traditional web traffic, rendering URL filters ineffective. Basic controls cannot detect malicious prompts or model‑level attacks, so more sophisticated, AI‑aware security measures are required.
What challenges do CISOs face when trying to enable safe AI use without tracking every new tool, as described by Prompt Security?
CISOs must balance rapid AI adoption with the operational burden of monitoring countless new agents, sites, and copilots that employees discover. Prompt Security aims to provide a unified solution that automates policy enforcement across the entire AI ecosystem, reducing the need for manual tracking.