
Noma AI Agent Security Platform
AI security and governance platform for enterprise AI applications and agents.
Vendor Information
Noma AI Agent Security Platform Overview
Noma Security is an AI security and governance platform that protects enterprise AI applications and autonomous AI agents throughout their lifecycle. Unlike traditional security tools that cannot detect AI-specific threats like prompt injection, model poisoning, or agent misbehavior, Noma provides purpose-built protection through integrated capabilities including AI Security Posture Management (AISPM), automated threat protection, and agentic AI security designed to manage risks that cascade across interconnected systems.
The platform automatically discovers all AI assets across models, agents, data pipelines, and MLOps tools while generating comprehensive AI/ML Bill of Materials (AIBOM) for complete visibility. Through continuous scanning, automated red teaming, and runtime guardrails, Noma detects and blocks malicious prompts, jailbreaks, unauthorized agent actions, and supply chain vulnerabilities including compromised models and MCP servers, while ensuring compliance with OWASP Top 10 for LLMs, MITRE ATLAS, and emerging AI regulations including the EU AI Act.
Founded in 2023 and headquartered in Tel Aviv with offices in the US, Noma has raised $132M and serves Fortune 500 companies across financial services, life sciences, retail, and technology sectors processing hundreds of millions of AI prompts monthly. The platform maintains SOC 2 Type II, ISO 27001, and HIPAA compliance, has been recognized by Gartner as a 2025 Cool Vendor in AI Security and AI TRiSM Leader, received the SINET16 Innovator Award, and discovered the first-ever critical agentic vulnerability (ForcedLeak) in Salesforce Agentforce.
Key Capabilities
Standardized capabilities mapped to this product's security niche
Automatically discovers AI models, LLM API connections, ML pipelines, and AI-enabled SaaS applications in use across the organization, including those deployed without IT authorization.
Maps what data (including PII, PHI, and IP) flows into and out of AI models and APIs, identifying unintended exposure of sensitive data to external LLM services.
Detects adversarial inputs designed to override AI system instructions, extract training data, or manipulate model outputs. Detection approaches range from pattern matching to secondary model evaluation.
Produces a structured inventory of AI components, training data provenance, model versions, and dependencies in SPDX AI extension or CycloneDX ML profile format.
Maps the AI system inventory and associated controls to EU AI Act risk classification requirements and ISO 42001 AI management system controls.
Scores deployed AI models by risk level based on data sensitivity processed, deployment scope, capability classification, and applicable regulatory requirements.
Identifies AI systems processing sensitive or regulated data without appropriate controls: unencrypted PII in model inputs, PHI flowing to external APIs, IP in fine-tuning datasets.
Monitors inference API traffic for abuse patterns, rate limit violations, prompt injection attempts, and data exfiltration through model responses.
How to buy
This profile hasn’t been claimed yet. Contact the vendor directly for pricing and purchasing options.