Open Core Ventures (OCV) is proud to announce the launch of Garak, the commercial evolution of NVIDIA’s open-source Garak red-teaming framework and NeMo Guardrails, built by Google’s former Safe Browsing tech lead and trusted by Fortune 500 companies for end-to-end LLM security and compliance. It detects and stops prompt injections, jailbreaks, data exfiltration, and regulatory violations—before they reach production.
Founder and CTO Divya Chitimalla is a distinguished security engineer who spent four and a half years at Google as the lead engineer for phishing detection on Chrome, protecting over a billion users worldwide. With a PhD from UC Davis, award-winning research in networking technologies, and previous experience at Akamai building bot detection systems, Divya brings deep expertise at the intersection of security and emerging technologies. "Security has been my primary area of focus for a long time," said Divya. "With AI evolving so rapidly, it’s a once-in-a-lifetime opportunity to be part of this technological revolution."
The AI security gap
As AI systems transition from chatbots to autonomous agents, traditional application security methods fall short. Unlike traditional software vulnerabilities, AI systems can be manipulated through prompt injection attacks, data poisoning, and novel attack vectors that evolve as quickly as the models themselves. "LLMs are nondeterministic," said Divya. "They can produce any sort of output. They can leak training data or sensitive information. All of these things are very new, and security systems need to catch up."
The shift toward AI agents amplifies these challenges exponentially. "AI agents are becoming more and more autonomous, and they're doing tasks rather than just being a chatbot," said Divya. "That gives us a lot of scope to be the AI security layer for agents." A compromised agent accessing files, making transactions, or controlling systems can cause exponentially more damage than a compromised chatbot.
The urgent need for better AI security systems is further evidenced by the recent adoption of Garak open source, but using it requires hiring specialized security teams and building custom implementations. "Garak open source is being used widely in Fortune 500 companies," said Divya. "That gives us a clear indication that there is definitely demand for an enterprise solution." Test results show the severity: 67% of AI customer service agents are vulnerable to prompt injection attacks that could expose customer data, while 84% of code generation agents can be manipulated into generating malicious code.
Enterprise-grade AI security
Garak evolves the open source framework from a developer tool into a comprehensive enterprise security platform. The open source project currently focuses on black-box testing of language models, but Garak's commercial offering extends far beyond this foundation to address the full spectrum of AI security needs.
Hosted Security-as-a-Service: Garak eliminates the complexity of running security scans internally by providing a fully managed platform. "We want to be that SaaS offering where you don't have to really hire your security team and build on top of open source. We give you that as a SaaS offering," explained Divya. The platform includes detailed dashboards and reports that make security insights accessible to non-security engineers, democratizing AI security across organizations. This hosted approach allows companies to run continuous security monitoring without dedicating internal resources to infrastructure management.
AI Agent Security Shield: While the open source Garak focuses on language models, Garak's enterprise platform addresses the more complex security challenges of AI agents. "With the agents, there is a lot more. Like, there's tool usage. There is long-term context memory. There are also things that are planning, scheduling parts of agents. So we will handle all of that as part of the enterprise suite, which is not part of open source," said Divya. The platform acts as a security wrapper that intercepts every message, context, and action taken by AI agents, providing real-time protection against malicious actors attempting to manipulate autonomous systems.
Seamless Integration and Monitoring: Garak's architecture enables deployment across diverse environments, from cloud APIs to on-premises models. "We make it easy for you to integrate it with AI agentic platforms. Whatever you're using, we can even be a sidecar service for on-prem models that are hosted on your own infrastructure on GCP or AWS," said Divya. The platform provides continuous monitoring that catches security issues before they impact business operations, rather than relying solely on pre-deployment testing. This comprehensive approach ensures that security evolves alongside AI capabilities.
Building the HTTPS of AI
The opportunity to work with OCV represents the perfect alignment of technical challenge and market timing for Divya. "With OCV, I think I'll get the right guidance and right resources. So I think it will be exciting to build something big," she said. The OCV model allows her to focus on what she does best: "Being a CTO, I can do what I do best, which is tech and solving highly complex technical challenges."
Divya's vision for Garak extends beyond traditional security tools to something more fundamental. "I want to really build a product that is easy, seamless. It's almost like HTTPS. You almost forget that it's there, but it's there," she explained. Just as HTTPS became invisible infrastructure that every web application relies on, Garak aims to become the essential security layer that every AI system needs but never thinks about.
What excites Divya most is the scale of the opportunity ahead. "AI revolution is going to be bigger than the Internet, and security is so crucial," she said. As businesses increasingly depend on AI agents for critical operations, the security layer becomes as important as the AI itself. By building on the strong foundation of Garak open source while adding the enterprise features that Fortune 500 companies desperately need, Garak is positioned to become the standard for AI security in the autonomous age.