HiddenLayer AISec

Category: AI Security
License: Commercial
Suphi Cankurt
AppSec Enthusiast
Updated February 14, 2026
Key Takeaways
  • HiddenLayer has disclosed 48+ CVEs in ML frameworks and holds 25+ granted patents in adversarial detection and model protection.
  • ModelScanner analyzes 35+ model formats for supply chain threats including backdoors, trojans, and serialization exploits.
  • AI Runtime Security provides real-time defense against adversarial attacks, prompt injection, and model evasion in production.
  • Raised $50M in Series A funding, recognized by Gartner as a Cool Vendor for AI Security, with AIBOM (AI Bill of Materials) generation.

HiddenLayer AISec is an enterprise AI security platform that protects machine learning models across their full lifecycle — from supply chain to production deployment.

[Figure: HiddenLayer AISec platform overview]

The company was co-founded in 2022 by Chris “Tito” Sestito, Tanner Burns, and James Ballard. Sestito spent years leading threat research at Cylance, where attackers exploited the company’s Windows executable AI model using an inference attack. That incident — which allowed binary files to evade detection across Cylance’s customer base — became the catalyst for HiddenLayer. Gartner named the company a Cool Vendor for AI Security. In September 2023, HiddenLayer raised $50M in Series A funding led by M12 (Microsoft’s Venture Fund) and Moore Strategic Ventures, with participation from Booz Allen Ventures, IBM Ventures, and Capital One Ventures.

What is HiddenLayer?

HiddenLayer addresses the security gap between traditional cybersecurity tools and the threats specific to AI/ML systems. The AISec Platform 2.0, unveiled in April 2025 ahead of RSAC, provides four capabilities: AI discovery, supply chain security, runtime defense, and attack simulation.

The platform is model-agnostic and agentless. It works across any architecture without requiring access to model weights, training data, or prompts. HiddenLayer’s research team has disclosed 48+ CVEs and holds 25 granted patents (with 56 pending) in adversarial detection, model protection, and AI threat analysis.

AI Discovery
Identifies AI assets across environments to eliminate shadow AI. Provides visibility into how and where models are used, by whom, and with what level of access.
Supply Chain Security
ModelScanner detects malicious code injections, pickle deserialization attacks, and architectural backdoors across 35+ model formats before models enter production.
Runtime Defense
Real-time monitoring protects deployed models from adversarial attacks, prompt injection, and inference manipulation without introducing latency or requiring model modifications.

Key Features

Feature: Details
ModelScanner: Scans 35+ formats (PyTorch, TensorFlow, ONNX, Keras, GGUF, pickle, safetensors) for malware, tampering, and backdoors
AI Discovery: Shadow AI detection across cloud and on-prem environments
Runtime Defense: Blocks adversarial attacks, prompt injection, and inference manipulation in real time
Attack Simulation: Continuous adversarial testing aligned with MITRE ATLAS
Model Genealogy: Tracks model lineage — training, fine-tuning, and modification history
AIBOM: Auto-generated AI Bill of Materials for every scanned model (components, datasets, dependencies)
Threat Intelligence: Aggregates data from Hugging Face and community sources to surface emerging ML security risks
Compliance: Aligns with NIST AI RMF, MITRE ATLAS, ISO 42001, EU AI Act

ModelScanner

ModelScanner detects malicious code injections, pickle deserialization attacks, and architectural backdoors in ML models. It scans 35+ formats including PyTorch, TensorFlow, ONNX, Keras, GGUF, and safetensors. Scanning happens before models enter production, catching supply chain threats that traditional security tools miss because they weren’t designed for ML artifacts.

The scanner integrates into CI/CD pipelines and MLOps platforms. It supports deployment via lightweight containers and works with registries including Hugging Face, MLflow, SageMaker, and Databricks Unity Catalog.
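The class of supply-chain check described above can be illustrated with a static opcode audit of a pickle-based model file. This is an added example, not HiddenLayer's code or ModelScanner's logic: it walks the opcode stream with Python's pickletools without ever unpickling, records every global the file would import, and flags anything outside a constructed allowlist (the allowlist entries and both sample blobs are assumptions built for the demo).

```python
"""Audit a pickle-based ML artifact for dangerous imports without loading it."""
import collections
import io
import pickle
import pickletools

# Constructed allowlist: globals a plain PyTorch-style checkpoint legitimately
# references. A real policy would be broader and maintained per framework.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("torch", "FloatStorage"),
    ("torch._utils", "_rebuild_tensor_v2"),
}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}

def audit_pickle(data: bytes) -> dict:
    """Walk the opcode stream with pickletools (never pickle.loads) and report
    every global reference plus how many call-like opcodes appear."""
    globals_seen, flagged, calls = [], [], 0
    recent = collections.deque(maxlen=2)  # last two pushed strings, feeds STACK_GLOBAL
    for op, arg, _pos in pickletools.genops(io.BytesIO(data)):
        if op.name in STRING_OPS:
            recent.append(arg)
        ref = None
        if op.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)  # pickletools yields "module name"
            ref = (module, name)
        elif op.name == "STACK_GLOBAL" and len(recent) == 2:
            # Strings re-fetched from the memo (BINGET) are not modelled here;
            # a production scanner must track the memo as well.
            ref = (recent[0], recent[1])
        if op.name in ("REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX", "BUILD"):
            calls += 1
        if ref is not None:
            globals_seen.append(ref)
            if ref not in SAFE_GLOBALS:
                flagged.append(ref)
    return {"globals": globals_seen, "flagged": flagged, "calls": calls,
            "verdict": "suspicious" if flagged else "clean"}

# Constructed samples: a benign checkpoint-like object, and a hand-assembled
# opcode stream that merely imports os.system (PROTO 2, GLOBAL, STOP). The
# second one is inert but is exactly the import a scanner must refuse.
BENIGN = pickle.dumps(collections.OrderedDict([("layer.weight", [0.1, 0.2])]), protocol=4)
SUSPICIOUS = b"\x80\x02cos\nsystem\n."

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, audit_pickle(blob))
```

The same walk works on any pickle-derived format (PyTorch .pt/.pth archives carry a data.pkl member); the point is that the verdict is reached before any deserialization happens.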

Model Genealogy and AIBOM

Introduced in AISec Platform 2.0, Model Genealogy tracks how models were trained, fine-tuned, and modified over time. This provides explainability and compliance evidence for audit trails.

The AI Bill of Materials is automatically generated for every scanned model. It inventories model components, datasets, and dependencies in an industry-standard format, enabling supply chain risk tracing and licensing policy enforcement.

Attack Simulation

The red teaming engine runs continuous adversarial testing aligned with the MITRE ATLAS framework. It probes models for weaknesses in robustness, data handling, and system integration — identifying vulnerabilities before attackers find them.

Agentic AI protection
HiddenLayer provides security for agentic and tool-using AI systems. The platform monitors autonomous agent workflows, detecting prompt injection, misuse patterns, and risky multi-step behaviors in real time.

Platform integrations

HiddenLayer integrates with major MLOps and cloud platforms:

  • AWS — SageMaker model registry integration
  • Databricks — Unity Catalog scanning
  • Hugging Face — Continuous monitoring of model repositories
  • MLflow — Automatic scanning of registered models
  • Microsoft Azure — Available on Azure Marketplace
  • CrowdStrike — Listed on CrowdStrike Marketplace

Getting Started

1. Request access — Contact HiddenLayer for a demo or sign up through the Azure Marketplace. The platform is designed for enterprise deployment.
2. Connect your AI assets — HiddenLayer discovers AI models across your environment, including shadow AI. It integrates with model registries, cloud platforms, and CI/CD pipelines.
3. Scan your models — ModelScanner checks models in 35+ formats for malware, backdoors, and deserialization attacks. AIBOM is automatically generated for each scanned model.
4. Enable runtime defense — Deploy runtime security to monitor production models for adversarial attacks, prompt injection, and inference manipulation without impacting performance.

When to use HiddenLayer

HiddenLayer fits enterprises that rely on ML models for business-critical applications and need security controls that traditional tools don’t provide. The platform is designed for organizations that download models from public repositories like Hugging Face, deploy customer-facing AI applications, or operate in regulated industries where AI governance is mandatory.

Best for
Enterprise security teams that need model scanning, runtime defense, and compliance reporting across large AI deployments — particularly in financial services, technology, and US federal government.

For a broader overview of AI security, see our AI security guide. For open-source ML model scanning without the enterprise platform, consider Protect AI Guardian (built on the open-source ModelScan project). For prompt injection detection as a standalone API, look at Lakera Guard. For LLM red teaming tools, see Garak or Promptfoo.

Frequently Asked Questions

What is HiddenLayer?
HiddenLayer AISec is an enterprise AI security platform that provides ML model scanning, runtime defense, AI supply chain security, and automated red teaming. It was recognized by Gartner as a Cool Vendor for AI Security and holds 25+ granted patents in adversarial detection and model protection.
Is HiddenLayer free or commercial?
HiddenLayer is a commercial platform designed for enterprises. Pricing is based on the scope of models and deployments being protected. The company raised $50M in Series A funding in 2023.
Does HiddenLayer protect against prompt injection?
Yes, HiddenLayer’s runtime defense layer detects and blocks prompt injection attacks along with adversarial attacks and inference manipulation in real time, without requiring access to model weights or training data.
What ML model formats does HiddenLayer scan?
HiddenLayer’s ModelScanner supports 35+ formats including PyTorch, TensorFlow, ONNX, Keras, GGUF, pickle, and safetensors. It detects malicious code injections, deserialization attacks, and architectural backdoors.
Who founded HiddenLayer?
HiddenLayer was co-founded in 2022 by Chris ‘Tito’ Sestito, Tanner Burns, and James Ballard. Sestito previously led threat research at Cylance, where his team experienced a real-world adversarial ML attack that inspired the company’s founding.