Prompt Security's Itamar Golan on why generative AI security requires building a category, not a feature
VentureBeat recently had a virtual sit-down with Itamar Golan, the co-founder and CEO of Prompt Security, to discuss the challenges that organizations of all sizes face in the realm of GenAI security. Golan shared insights on shadow AI sprawl, the strategic decisions that led him to focus on building a market-leading platform over competing on features, and a real-world incident that highlighted the importance of securing AI applications. The conversation shed light on Prompt Security’s mission to empower enterprises to adopt AI securely, a mission that ultimately led to SentinelOne’s acquisition of the company for an estimated $250 million in August 2025.
Golan’s journey to founding Prompt Security began with his academic work on transformer architectures, predating their widespread use in today’s large language models. His early experience in building security features powered by GPT-2 and GPT-3 made him aware of the new attack surface created by LLM-driven applications. Prompt Security was established in August 2023 and went on to secure $23 million in funding across two rounds, assemble a 50-person team, and achieve a successful exit in under two years.
The timing of the conversation was particularly relevant, with VentureBeat analysis showing that shadow AI now costs enterprises $4.63 million per breach, 16% above the average. Despite this, 97% of breached organizations lack basic AI access controls, according to IBM’s 2025 data. The prevalence of shadow AI apps is expected to double by mid-2026, with Cyberhaven data revealing that 73.8% of ChatGPT workplace accounts are unauthorized. Enterprise AI usage has grown 61 times in just 24 months, underscoring the critical need for robust AI security measures.
Prompt Security’s platform was known for prompt injection defense, addressing a wide range of GenAI security challenges such as data leakage, model governance, compliance, and red teaming. Customers were particularly impressed by the platform’s capabilities in shadow AI discovery and real-time sensitive-data sanitization, enabling safe AI usage without compromising productivity.
Golan attributed Prompt Security’s success to three strategic decisions that accelerated the company’s growth. Firstly, he focused on building a category rather than a feature, positioning the platform as the AI security control layer for enterprises. Secondly, he prioritized enterprise complexity early on, ensuring readiness for deployment in diverse organizational environments. Lastly, he chose depth over logos, working closely with a select group of serious customers to shape the product based on real-world enterprise needs.
As the market evolved, Prompt Security’s messaging shifted from raising awareness of AI risks to providing solutions that enable safe AI usage. Golan emphasized the importance of framing GenAI security as an extension of existing data protection mandates to persuade C-level executives to invest in security tools.
A pivotal incident during Prompt Security’s journey, in which a non-technical user exploited a customer-facing AI support agent to access sensitive data, highlighted the democratizing nature of AI threats. This incident shaped Prompt Security’s product roadmap, leading to enhancements in runtime protection for customer-facing AI apps, prompt injection detection, and data leakage prevention.
Following the acquisition by SentinelOne, Prompt Security’s focus is on extending AI security capabilities across SentinelOne’s Singularity Platform. The integration will provide MCP gateway security between AI applications and thousands of known MCP servers, offering model-agnostic coverage across major LLM providers.
In conclusion, the acquisition of Prompt Security by SentinelOne signifies the growing importance of embedding security into AI adoption strategies from the outset. The collaboration between the two companies aims to enhance AI security measures and safeguard enterprises against evolving threats in the GenAI landscape.



