Cyber Security
Lasso Security Launches Context-Based Access Control for RAG Security
By GlobeNewswire
Share
NEW YORK, Aug. 05, 2024 (GLOBE NEWSWIRE) -- Lasso Security, a Generative AI security company, announces a new approach to access control for GenAI users. Context-Based-Access Control (CBAC) from Lasso Security allows enterprise security professionals to address access control and data leak prevention in GenAI solutions with a few simple prompts.
Retrieval-Augmented Generation (RAG) is a technique that enhances the capabilities of LLMs by integrating them with external data sources. This approach retrieves relevant documents to provide additional context, significantly improving the accuracy and relevance of LLM outputs without the need for retraining. However, RAG's lack of native access control poses a significant security risk to enterprises, as it could allow unauthorized users to access sensitive information.
Current access control methods like Role-Based Access Control (RBAC) and Attribute-Based Access Control enhance security by restricting access based on roles, permissions or attributes. However, in the world of RAG, these methods often lead to increased system complexity, data duplication and slower query performance. They also require meticulous implementation and ongoing maintenance, making them challenging to scale and manage effectively.
To address this issue, Lasso Security developed and introduced CBAC, which focuses on the context of both requests and responses. CBAC ensures that only authorized users access specific information, preventing unauthorized exposure and handling of documents with mixed relevant and out-of-scope information. This approach offers organizations a higher level of security and control, managing data access in a context-aware and efficient manner.
With CBAC, users can:
- Precisely Manage Access: Ensure that only authorized users can access specific pieces of information based on the context of their request.
- Prevent Unauthorized Information Exposure: Block sensitive information from being retrieved and displayed to users who shouldn’t see it, even if they have broader permissions.
- Handle Nuanced Data: Manage documents that contain both relevant and out-of-scope information by evaluating the context of each request.
This new access control and data leak prevention feature is integrated into Lasso Security’s GenAI security suite, which offers protection of employees' use of GenAI based Chatbots, Applications, Agents, Code Assistants and integrated Models into production environments. Regardless of how you deploy LLMs, Lasso Security monitors every interaction involving data transfer to or from the LLM. It also swiftly identifies any anomalies or violations of organizational policies, ensuring a secure and compliant environment at all times.
In the attached images, Lasso Security demonstrates how CBAC is implemented within a company using free-form text to enforce access control and security policies. As seen, a member of a finance team interacting with a GenAI tool is blocked from accessing information not related to their department. In contrast, an R&D person asking the same questions to the same GenAI tool is allowed access to the information.
“CBAC is a game-changer in the world of context-aware data security. By focusing on the knowledge level and not patterns or attributes, CBAC ensures that only the right information reaches the right users, providing a level of precision and security that traditional methods can't match,” noted Ophir Dror, CPO & Co-Founder of Lasso Security. “This innovative approach allows organizations to harness the full power of RAG while maintaining stringent access controls, truly revolutionizing how we manage and protect data.”
About Lasso Security
Lasso Security is pioneering LLM cybersecurity by safeguarding every LLM touchpoint, ensuring comprehensive protection for businesses leveraging generative AI and other large language model technologies. Through a combination of deep expertise and creative problem-solving, Lasso empowers organizations to securely integrate and deploy LLMs in production environments.
Contact:
Kevin Wolf
TGPR
kevin@tgprllc.com
Orly Bar Lev
Lasso Security
orlyb@lasso.security
Photos accompanying this announcement are available at
https://www.globenewswire.com/NewsRoom/AttachmentNg/7875f769-0011-46ae-8738-30eee61f2052
https://www.globenewswire.com/NewsRoom/AttachmentNg/cc8a8240-79c5-4587-a5ec-3fab5fc30739
First published on Mon, Aug 5, 2024
Liked what you read? That’s only the tip of the tech iceberg!
Explore our vast collection of tech articles including introductory guides, product reviews, trends and more, stay up to date with the latest news, relish thought-provoking interviews and the hottest AI blogs, and tickle your funny bone with hilarious tech memes!
Plus, get access to branded insights from industry-leading global brands through informative white papers, engaging case studies, in-depth reports, enlightening videos and exciting events and webinars.
Dive into TechDogs' treasure trove today and Know Your World of technology like never before!
Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. All information / content found on TechDogs' site may not necessarily be reviewed by individuals with the expertise to validate its completeness, accuracy and reliability.
Tags:
Related Content on Cyber Security
Related News on Cyber Security
Trellix Launches Xtend Global Channel Partner Program
Wed, Feb 8, 2023
By Business Wire
Kaspersky Exits US, Forcibly Switches Users To UltraAV
Wed, Sep 25, 2024
By TD NewsDesk
ExtraHop Presents Ratiodata With Gold Partner Status
Wed, May 10, 2023
By Business Wire
Seraphic Security Named As A 2023 SC Awards Finalist
Tue, May 23, 2023
By Business Wire
Related Events & Webinars on Cyber Security
Trending GlobeNewswire
Nexqloud Wins Audience Choice Award At Blockchain Life 2024
By GlobeNewswire
Launchdarkly Launches Dedicated EU Region To Support EU Data Residency And Compliance Needs
By GlobeNewswire
Roadzen Unveils Mixtapeai: Next-Generation AI Agents For The Insurance Industry
By GlobeNewswire
STAKING AI Launches Free Crypto Staking Plan, Making Crypto Staking Accessible To All
By GlobeNewswire
Gainsight Named A Leader In 2024 Gartner Magic Quadrant For Customer Success Management Platforms
By GlobeNewswire
Join Our Newsletter
Get weekly news, engaging articles, and career tips-all free!
By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.
Join The Discussion