Join our daily and weekly newsletters for the latest updates and exclusive content covering cutting-edge AI. Learn more
Open source Large Language Models (LLMs) continue to revolutionize the cybersecurity landscape, serving as a powerful catalyst to increase innovation and enabling startups and established vendors to accelerate time to market.
From new generative AI applications to advanced security tools, these models provide the foundation for the future of generative AI-based cybersecurity. Open source models gaining traction in cybersecurity include LLaMA 2 by Meta. LLaMA 3.2, Falcon from the Institute of Technological Innovation, StableLM from Stability AIand those hosted by Cuddly faceincluding The flowering of BigScience. All of these models are increasingly adopted and used, largely due to their greater cost-effectiveness, flexibility and transparency.
Cybersecurity software vendors face a growing set of governance and licensing challenges while enabling their platforms to evolve in response to the rapid evolution of open source LLM development. Designing an architecture that can quickly adapt and capitalize on the latest features provided by the most recent open source LLMs is a challenge.
Itamar Sher, CEO and co-founder of Seal securityrecently sat down with VentureBeat (virtually) to discuss the fundamental but evolving role of open source LLMs in their operations. “Open source LLMs allow us to tailor security patches to open source components in a way that closed models cannot do,” he said.
The ability to rapidly scale models is essential for companies like Seal, which use open source components to ensure patches are deployed quickly across different environments. He added that “open source LLMs give us access to a community that continually improves the models, providing a layer of intelligence and speed that would not be possible with proprietary systems.”
The growing importance of open source LLMs in cybersecurity
Cybersecurity vendors have long relied on proprietary ownership of their applications, tools and platforms to lock customers into a given solution, particularly in the areas of threat detection and mitigation. However, VentureBeat finds that there is a backlash against this strategy, further accelerating the popularity of the open source LLM.
Gartner Hype cycle for open source software 2024 reflects the growing importance of open source LLMs, placing them at the pinnacle of inflated expectations. This placement reflects what VentureBeat is hearing about renewed interest and adoption across the cybersecurity vendor landscape and within enterprises.
Credit: Gartner, Inc. (August 8, 2024). Hype Cycle for Open Source Software, 2024 (ID: G00811366). Gartner, Inc.
The Hype Cycle shows that the maturity of open source LLMs is still emerging, with market penetration between 5% and 20%. This technology is expected to plateau within two to five years, underscoring its rapid growth and growing dominance in cybersecurity.
VentureBeat sees more and more cybersecurity startups capitalizing on the flexibility and scalability of open source LLMs in their platform, application and tool strategies. A popular use case is fine-tuning models to meet domain-specific needs, from improving real-time threat detection to improving vulnerability management.
Sher said: “By integrating open source LLMs, we can customize models for specific threats and use cases, allowing us to remain agile and responsive to evolving cybersecurity challenges.
Compare the benefits and challenges of open source LLMs
Open source LLMs bring several benefits to the development and operations of cybersecurity systems, including the following:
Customization, scalability and flexibility: A key driver of adoption of open source LLMs, which is proving popular with cybersecurity companies that standardize on them, is the ability to quickly modify models for specific use cases. Seal Security’s integration of LLMs into its security platform, application, tool and service offerings illustrates how enterprises can use these models to streamline patch management processes on open source components. John Morello, CTO and co-founder of IntestinesYes told VentureBeat in a recent interview that the open source nature of Google’s BERT The open source language model allows Gutsy to customize and train its model for specific security use cases while maintaining privacy and efficiency.
Community Collaboration: Open source LLMs benefit from the growing base of developer communities that are pushing their limits and evolving daily to solve complex cybersecurity challenges. These communities accelerate continuous innovation, enabling businesses, developers and universities to benefit from shared insights and improvements. Seal Security, for example, has aligned with MITER’s CVE Numbering Authority (CNA) to improve collaboration around open source vulnerabilities.
Reduce dependence on the supplier: Open source models offer businesses a way to avoid vendor lock-in, giving them more control over costs and reducing reliance on proprietary systems. VentureBeat sees this question becoming crucial to the future of cybersecurity, with flexibility being the goal. Responding quickly to threats and taking a consistent approach to patch deployment is critical to the future of cybersecurity.
However, these benefits are not without challenges. Gartner notes in its research that open source LLMs often require significant investments in infrastructure, which can create long-term operational challenges for companies that lack adequately funded and staffed internal IT and security teams.
Licensing complexities associated with open source models can also present legal and compliance risks. Sher explained that “open source models give us transparency, but managing their lifecycles and compliance remains a major concern.”
Contributions of open source LLMs to cybersecurity are growing
VentureBeat sees cybersecurity vendors adopting open source LLMs at the core of their platforms, gaining a competitive advantage through their improvements in threat detection and response. Seal Security was able to leverage open source models for real-time detection and vulnerability management by integrating them into their security patching systems. According to Sher, “Our infrastructure is designed to quickly switch between different LLMs, depending on the threat landscape, ensuring that we stay ahead of emerging vulnerabilities. »
Gartner predicts that small language models or cutting-edge LLMs will see greater adoption in domain-specific applications led by cybersecurity. Edge LLMs, by definition, are decentralized and closer to the data they need to analyze, enabling faster processing and real-time threat detection.
Edge LLMs are designed to require less computing power, making them easier to manage and less expensive to train, which is ideal for cybersecurity use cases that require real-time speed and accuracy. By being able to operate at the edge, these LLMs can quickly detect threats in latency-critical environments, such as IoT devices or remote systems.
Protecting Against Software Supply Chain Attacks
Despite the growing number of contributions made by open source LLMs, they also carry risks. The growing number of attacks on the software supply chain is a major concern. Gartner’s Hype Cycle for Open-Source Software 2024 notes that open source components have increasingly become the target of state-sponsored attacks. The average age of vulnerabilities in open source code bases is approximately 2.8 yearsIt is therefore essential for companies to implement and keep their patch management and governance systems up to date.
The recent designation of Seal Security as CVE Numbering Authority (CNA) It is essential that the supplier plays a more crucial role in reducing the risk of supply chain attacks. The company can now identify, document and attribute vulnerabilities using the CVE program, helping to improve the security of open source code across the industry. Their partnership with MITER further strengthens this capability, allowing Seal to share its findings with the broader cybersecurity community.
As Sher noted, this collaboration helps improve the security of everyone who uses open source software, furthering the company’s commitment to protecting the global software ecosystem.
Looking to the future
Open source LLMs are redefining the cybersecurity landscape for the better by reducing the legacy lock-in of proprietary technologies and platforms. VentureBeat sees how quickly these models are advancing in terms of accessibility, quality, and speed, making them a viable alternative to proprietary systems.
For companies like Seal Security, the future lies in continually evolving their open source LLM capabilities to stay ahead of the ever-changing threat landscape. “We are constantly evaluating new models and infrastructure to ensure we can provide the best security solutions to our customers,” concluded Sher.
