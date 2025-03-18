Prompt Security launches comprehensive Authorization features for enterprise GenAI applications, enabling granular, context-aware access control as queries are made

NEW YORK, March 18, 2025 (GLOBE NEWSWIRE) -- Prompt Security , a leader in generative AI (GenAI) security, today announced new Authorization features that transform how organizations manage and secure access to GenAI applications and organizational data. This innovative identity and context-based Authorization system addresses the critical challenge of protecting sensitive corporate data while enabling productive AI use across the enterprise, providing granular control over specific features and content within AI applications.

In simple terms: when employees query AI tools like Copilot or any embedded AI application, they only see what they're authorized to see. If they want to ask about the CEO's salary or a colleague’s performance review, unless they have permission, they won't get access.

The Challenge of GenAI Authorization

AI is becoming increasingly integrated into enterprise workflows and datasets through tools like Microsoft 365 Copilot, Google Gemini, custom internal AI applications and an array of tools with AI features like Notion AI, Salesforce AI Copilot or Jira.

As these AI-enhanced products become an integral part of daily workflows, often without the awareness of security teams, organizations face unprecedented challenges in controlling access to sensitive information. This adds an extraordinary layer of complexity to authorization governance that current permission-based access systems cannot control, and introduces risks that GenAI tools can potentially expose confidential data through natural language interfaces.

A comprehensive GenAI Security solution must protect organizations wherever their users interact with AI, regardless of platform or device. This is especially critical for authorization in native desktop applications, where LLMs are increasingly embedded and handling sensitive information. Prompt Security introduced the industry's first lightweight desktop agent several months ago, bringing robust GenAI Security to native desktop tools like Copilot for 365. Today, we're expanding these Authorization capabilities to cover every touchpoint where users engage with AI, ensuring consistent security and protection across all interactions.

"Organizations have spent years building robust, permission-based access systems, and here comes AI and introduces a brand new challenge," said Itamar Golan, CEO and co-founder of Prompt Security. "Employees can now simply ask AI to reveal sensitive information, like salary details or performance reviews, and LLMs may inadvertently comply. Our new Authorization features close this critical gap, ensuring AI applications respect existing security boundaries. This isn’t just about restricting access—it’s about empowering enterprises to embrace AI with confidence, knowing their sensitive data remains protected. We’re delivering the missing piece that enables organizations to maintain their security posture while fully harnessing AI’s transformative potential."

Comprehensive Authorization Capabilities

The multi-layered Authorization system delivers enterprise-grade access control with real-time prevention of sensitive data exfiltration, contextual inspection of prompts and model responses and granular policy enforcement. Designed for simplicity and flexibility, it ensures robust security without complex integrations or invasive architectures.

Key features include:

Contextual runtime authorization analyzing both user identity and request context

analyzing both user identity and request context Granular, department-specific policies to enforce appropriate access permissions (e.g., marketing vs. finance), based on job functions and data privacy clearance

to enforce appropriate access permissions (e.g., marketing vs. finance), based on job functions and data privacy clearance Deep integration with leading identity providers like Okta and Microsoft Entra

like Okta and Microsoft Entra Real-time monitoring and enforcement with flexible redaction options, from full content blocking to selective data masking

with flexible redaction options, from full content blocking to selective data masking Comprehensive audit logging for security compliance which can be integrated with existing SIEM solutions



This streamlined approach enables organizations to manage tens of thousands of user groups efficiently while maintaining transparency, ease of configuration and security at scale.

About Prompt Security

Founded in August 2023, Prompt Security delivers a complete solution for all Generative AI security in the enterprise. Its platform supports millions of prompts and thousands of users every month. The founding team combines deep expertise in both cybersecurity and AI, with years of experience building and securing machine learning systems at organizations like Check Point, Orca Security and Israel’s elite intelligence unit 8200. Prompt Security’s CEO Itamar Golan was on the OWASP Top 10 for LLM Applications core team and Prompt Security’s CTO & co-founder Lior Drihem contributed to the project. The Prompt Security team of researchers has created proprietary LLMs and developed novel patent-pending techniques for detecting generative AI threats and addressing the associated risks.

