The release of public LLMs has thrust data security to the top of CISO’s priority list. While it might seem ridiculous to expose your company’s source code or sensitive meeting notes to a public search engine, that’s effectively what happened when ChatGPT was introduced in 2022.
Many organizations were caught off guard by how freely employees interacted with these platforms. Companies like Samsung initially banned ChatGPT after employees inadvertently shared confidential information. But history has shown us that blocking access to new technologies is both ineffective and counter-productive.
Ironically, the technology underlying public LLMs is also launching the next generation of data security. Alastair Paterson and Bryan Woolgar-O’Neil, co-founders of Harmonic Security, recognized this potential and set out to create a way for employees to use the tools they want while safeguarding sensitive data.
The Solution: Harmonic Security
After an intense development effort, Alastair and Bryan created specialized data protection models, allowing customers to adopt Generative AI applications while preventing sensitive data from leaking out of the enterprise. We’re thrilled to announce that Next47 is leading a $17.5M Series A financing in Harmonic Security to push this vision forward.
Harmonic’s co-founders previously worked together for a decade leading Digital Shadows, a threat intelligence company known for novel techniques to detect leaked enterprise data on the internet. Their expertise in monitoring an organization’s digital footprint and finding signal in the noise uniquely positions Harmonic to solve the challenges of sensitive data analysis at scale.
Traditional DLP solutions rely heavily on regex, which is difficult to read, write, and maintain. These rules are notorious for generating false positives, like misidentifying order numbers for SSNs and requiring brittle workarounds like checking for associated keywords in each document. While data lineage can help supplement these rules, it typically relies on metadata like identity and provenance rather than analyzing the actual data itself. This lack of context leads to more false positives than actionable results.
With Harmonic’s platform, organizations can finally move beyond the limitations of traditional DLP methods. Instead of relying on rigid rules, Harmonic uses modern language models to understand the context of data in real time. This contextual awareness drastically reduces false positives by differentiating between genuine risks like API keys and harmless strings like a version number in source code that happens to be in API key format. Because the models are extremely quick, Harmonic can “nudge” users at the point of data loss—taking the burden off the security team.
Harmonic goes far beyond the typical data types most DLP systems target. Whether it’s source code, research and IP, insurance claims, customer or employee information, Harmonic’s platform can adapt to it all. Security teams can define policy in natural language, making it easy to safeguard diverse data types.
With existing solutions, it is incredibly difficult to detect something like sensitive M&A information, as there is no predefined pattern, keyword, or classification that can reliably capture all the ways employees might mention it. Traditional DLP systems fall short here because they rely on rigid rules or pre-labeled data, but in reality, much of this is highly unstructured information generated spontaneously in chat windows, emails, and now public LLMs. What sets Harmonic apart is how effortlessly its customers can stay ahead of evolving risks—without needing to constantly rewrite and add to a long list of complex rules.
As Harmonic continues to push the boundaries of data security, it’s clear that the future of DLP lies in real-time, context-aware solutions that adapt as quickly as businesses do. If you’re passionate about security or language models and want to be part of this exciting journey, Harmonic encourages you to check out their job openings and join the team that’s reshaping data protection.