AI Model Security focuses on protecting the AI models themselves — from adversarial attacks and data poisoning to model theft, backdoors, and supply chain compromises. This is the category where traditional cybersecurity meets machine learning research, and the stakes are rising as models become core business assets worth billions in training investment.
The landmark event in this category was Cisco's acquisition of Robust Intelligence for approximately $400M in late 2024, which became the foundation for Cisco AI Defense — one of the first enterprise-grade AI security products from a major platform vendor. This acquisition validated the category and set the floor for valuations. HiddenLayer, operating from Austin, TX, has emerged as the leading independent player with its comprehensive AISec Platform covering model scanning, AI detection and response (AIDR), and automated red teaming.
The threat landscape for AI models has evolved rapidly. Model extraction attacks (where adversaries attempt to steal model weights through API queries), data poisoning of training pipelines, and trojan insertion into open-source model weights are no longer theoretical — they are documented attack vectors being exploited in the wild. TrojAI and DeepKeep specialize in detecting these embedded threats, while Bosch AIShield and Binarly focus on supply chain integrity for AI artifacts.
With the open-source model ecosystem growing exponentially (Hugging Face alone hosts 500,000+ models), the software supply chain security paradigm is extending to AI. JFrog's ML capabilities represent this convergence — applying proven software artifact security practices to the AI model lifecycle. Our analysts expect AI Model Security to be one of the highest-growth categories through 2027 as enterprises move from experimentation to production-scale AI deployments.