Runtime application protection platform startup Operant AI Inc. today announced the launch of 3D Runtime Defense Suite, a suite that brings together discovery, detection and defense capabilities in real time to protect every layer of live cloud applications.

The new suite has been designed to address the issue where, as organizations adopt artificial intelligence capabilities, common and dangerous attacks often go undetected by static code scanning or traditional security methods. Operant AI argues that large language models are inherently unpredictable, necessitating real-time defense against unknown threats.

The way to address the risks, such as prompt injection and zero-day vulnerabilities, is through active runtime detection and defense that does not overwhelm with the amount of data it delivers for teams to analyze. That’s where Operant AI hopes to help with its new suite.

Operant’s new 3D Defense Suite capabilities include enhanced discovery tools that instantly generate live blueprints of AI workloads, models and application programming interfaces. The platform continuously identifies ghost APIs and tracks shadow data flows while providing comprehensive visibility into data-in-use patterns across third-party APIs and data stores. The suite ensures transparency across AI supply chains, covering major platforms like OpenAI, Gemini, Cohere and Anthropic.

The suite also introduces robust runtime threat detection, targeting Open Web Application Security Project’s top ten LLM threats, such as prompt injection, model theft and data poisoning. It detects sensitive data leaks in real time, including personal identifiers, secrets and API keys, securing data as it moves in and out of cloud environments. The proactive detection approach helps organizations protect their AI models against emerging threats.

For active defense, the suite automates in-line blocking and redaction of sensitive data flows to prevent data leakage. It intelligently quarantines suspicious third-party containers and models while enforcing rate limits and token usage policies for sensitive APIs, particularly AI endpoints. The capabilities allow teams to develop AI-enhanced products more securely without sacrificing speed, according to the company.

“Much of today’s AI is deployed on Kubernetes and our industry keeps learning secure-by-design applications are more able to protect data from the outset and prevent future heartache,” said Sarah Novotny, an adviser to Operant AI and a board member of the Coalition for Secure AI. “Operant’s in-line auto-redaction enables teams to develop AI-enhanced products faster, delivering Kubernetes-native privacy controls that span all the way from infra to AI APIs so that security, platform and developers have what they need to build today’s leading AI tech.”

Operant was previously in the news in September when it announced that it had raised $10 million in funding to accelerate team and product expansion. Investors in the company include SineWave Ventures, Felicis Ventures, Alumni Venture Group, Massive Corporation Inc., Calm Ventures and Gaingels.

Image: Operant