How Imperva Infused AI Throughout Research and Development

The Age of AI Is Upon Us

The current pace of technological change beggars’ belief. Generative Artificial Intelligence (GenAI), released to the world a mere two years ago, promises to eliminate much of the tedium of the digital world. Software engineers around the world are already using it to speed up their development times (making them more productive) thereby increasing feature velocity. Software code assistants are just the first step, and since everyone is using them, the benefit is no longer differentiating; code copilots are table stakes.

The real question is can a development organization truly create better, differentiated software and services by infusing GenAI knowledge throughout R&D?

That was the premise of Imperva’s 2024 Hackathon, which completed in November. Imperva, a long-time application security specialist vendor, runs a themed hackathon every year. This year we chose GenAI as our overall focus and organized our teams around the following goals:

• Applying AI for better cybersecurity outcomes (AI for Cyber)
• Protecting customer AI (Cyber for AI)
• Leveraging AI for internal processes.

Imperva has development offices around the world, with main campuses in Israel, India and North America.  Over 250 R&D employees, from six different countries, participated.  All received over 35 hours of training with a cloud provider’s AI model training platform as one of the first steps to the hackathon program. The third-party trainers, by the way, remarked that this was the biggest and most intense hackathon training they’d ever witnessed.

×

Feb 13 Upcoming Webinar

Elevate your Security Posture by Balancing Effectiveness and Efficiency

Register Now

Forty teams were formed across the three regions.  Each team was given a week to prepare, and then a solid, food-fueled 48 hours to intensely apply their training to their AI project.

AI For Cyber

The first group of projects apply GenAI for better cybersecurity outcomes. These centered on simplifying or automating time-consuming tasks for our customers, eliminating the need for them to continually grow their security teams or staff them with advanced security experts. GenAI projects in this group included chatbots that helped customers:

• Create or configure security policy. Teams developed tools to streamline the creation application security policies and more easily interact with and configure API security policies.
• Reduce alert management. One project built a GenAI that automatically analyzed incoming alerts, identified root cause, and provided clear, actionable instructions for resolution
• Speed incident searches. Another team used GenAI to help users to filter event data by using a free text search instead of applying complex, domain-specific filters, leading to a much more natural language interface.

Cyber for AI

Our customers are experimenting with GenAI with the ultimate goal of fielding it to their end-users, but they need to do so as safely as possible. The “cyber for AI” category of projects focused on building cybersecurity protections for the entire GenAI lifecycle. The most compelling projects in this category aim to extend security to AI-enabled applications by protecting against AI-specific threats like:

• Training data poisoning. One project built a training tool to detect and prevent data poisioning attacks in the databases used by GenAI.
• AI abuse. The natural language interface to data is both the killer app of GenAI and its biggest threat surface. One team built a working AI firewall to protect LLMs from abuse, misuse and fraud.

Leveraging AI

The final category of projects leveraged AI to improve all internal processes and workflows.  Thereby accelerating feature velocity and delivering value to customers, faster. These projects reduced:

• Turnaround time. One project built a GenAI tool to achieve real-time troubleshooting for customer issues.
• Analysis time for new threats. Our threat research team used GenAI to summarize attack campaigns to craft the salient incidents into discrete narratives.
• Collaboration friction: One ambitious project scaffolded a platform to help R&D understand, share and collaborate on disparate codebases.

The Judging

This is where your narrator, David Holmes, CTO for Application Security, entered this lovely fairytale; I flew to one of the Imperva development offices to participate as a judge for the North American teams.  One of these teams had won a “side quest” where they got to pick my brain for an hour the day before the presentation. I reached back to my industry analyst skills to understand their value proposition and then help them tweak their presentation.

On the day of the judging, the local judges scored each project across a dozen criteria after seeing each team’s project and presentation.

I was not expecting to be so inspired by the teams.  Having been a software developer myself for over two decades, seeing watching the coders present their projects and explain where GenAI was used for critical analysis or output, made me want to hang up my hospitality loyalty points, put my head down and just code cool stuff.

The Winners

As it turned out, the team that won the side quest with yours truly, was my favorite, the crowd favorite, the North American favorite, and the overall winner of the 40 teams and 11 finalists.  Their team received a nice four-figure check and eternal fame.

This Hackathon was about much more than prizes — it was about pushing boundaries, fostering creativity, and collectively taking a significant leap forward in our understanding and application of GenAI.

The post How Imperva Infused AI Throughout Research and Development appeared first on Blog.