Fujitsu announced that it has developed a multi-AI agent security technology as a core technology of its AI service Fujitsu Kozuchi. The system coordinates multiple AI agents with different specialties to simulate cyberattacks, protection strategies, and business continuity measures, thereby helping companies and public organizations to develop and enact proactive security measures against new threats and vulnerabilities.

Cyber Technology Insights: Veza Appoints Kane Lightowler as President and COO

The system comprises three main technologies: Security AI agent, multi-AI agent collaboration and generative AI security enhancement.

Fujitsu will commence field trials of the technology for generative AI security enhancement in partnership with Cohere Inc., beginning December 2024 and plans to release part of the multi-AI agent collaboration technology as open-source software (OSS) on OpenHands, an AI agent platform developed with the strong support of AI research world leader Carnegie Mellon University, in January 2025. Starting in March 2025, the full suite of technologies will be rolled out globally and offered on a trial basis.

Fujitsu’s multi-AI agent security technology empowers IT system administrators and operations personnel, even those without specialized security expertise, to build applications that enable proactive security measures. It ensures the safe and secure implementation of generative AI within enterprise IT systems, allowing organizations to fully leverage the benefits of this technology while mitigating associated risks.

Fujitsu is committed to contributing to the development of a trustworthy digital society where prosperity and stability coexist, as outlined in its materiality approach. Fujitsu’s newly developed multi-AI agent security technology represents a significant step towards delivering on that commitment.

Technology overview

1. Security AI agent

New technology that includes three fundamental AI agents for proactive security measures.
These agents incorporate technology co-developed with Ben-Gurion University of the Negev, a world leader in cybersecurity research.

  • Attack AI agent: Uses tactics, techniques, and procedures (TTP) analogy engine to propose effective attack scenarios against target systems for new threats.
  • Defense AI agent: Proposes countermeasures based on the company’s risk profile.
  • Test AI agent: Automatically builds a verification virtual environment (cyber twin) from the production system to analyze the impact of countermeasures.

The test AI agent runs reciprocal attack and protection simulations with the attack AI agent and defense AI agent on a cyber twin, enabling proactive defenses against new vulnerabilities. Our AI agents are characterized by co-creative learning, which tackles complex and unknown problems through collaborative and adversarial learning between AI agents with diverse skills.

Figure 2: Example of collaboration among the three security AI agents

2. Multi-AI agent collaboration

This technology enables seamless collaboration between AI agents and is versatile and applicable beyond security. When AI agents collaborate, ensuring data confidentiality, privacy protection and adherence to the policies of each organization is a significant challenge. To address this, Fujitsu implemented a secure agent gateway coordination function within each organization’s AI agent infrastructure. This allows for autonomous control of collaboration policies, enabling seamless AI agent collaboration without the need for explicit consideration from AI agent developers.

3. Generative AI security enhancement

To prepare for emerging threats to generative AI, Fujitsu, in collaboration with Ben-Gurion University, has developed an LLM vulnerability scanner that can automatically and comprehensively check security resistance, and LLM guardrails that automatically protects and mitigates against attacks. The LLM vulnerability scanner addresses over 3,500 of the latest vulnerabilities known to exist in generative AI, including a proprietary generative code vulnerability check function. Adaptive prompting technology selects the optimal attack prompt based on the LLM’s response, enabling highly accurate attack assessments. Furthermore, vulnerability explanation technology leveraging generative AI makes vulnerability assessment easy, even for non-security experts. The LLM guardrails work in conjunction with the LLM vulnerability scanner to ensure the safe and secure operation of generative AI by automatically applying guard rules that detect and reject malicious prompts deemed to require action during IT system operations, thereby preventing inappropriate responses. The LLM vulnerability scanner and LLM guardrails work with the attack AI agents and defense AI agents to enable proactive security measures for systems.

Figure 3: Generative AI security enhancement technology

Associate Professor Graham Neubig of Carnegie Mellon University, comments:

“The development of AI agents is rapidly advancing worldwide. OpenHands, an open-source project strongly supported by Carnegie Mellon University, facilitates the development of diverse AI agent services, functionalities, and technologies by incorporating external expertise. Combining Fujitsu’s multi-AI agent collaboration technology with OpenHands could significantly accelerate the development of cross-organizational multi-AI agent applications, which would be a remarkable achievement.”

Professor Yuval Elovici of Ben-Gurion University of the Negev, comments:

“Fujitsu’s innovative ‘Cyber Twin’ technology empowers companies to validate security policy compliance while simulating new attack and defense scenarios in a risk-free virtual environment. By enabling rigorous testing of business continuity without affecting real-world systems, this technology provides organizations with a powerful tool to swiftly address emerging new vulnerabilities and implement proactive, adaptive security strategies.”

Seraphina Goldfarb-Tarrant, Head of Safety, Cohere Inc., comments:

“Secure systems are mission-critical for enterprises to adopt and benefit from AI development. We’re excited that our ongoing work with Fujitsu enables Japanese companies to leverage AI with our best-in-class multilingual models and security enhancement technology.”

Future Plans

Fujitsu aims to further expand its AI agent capabilities to automate a wider range of security tasks. This includes developing agents for secure design, incident response, and security audits. Fujitsu will also continue to strengthen its technology for generative AI security enhancement, expanding its coverage to address vulnerabilities and mitigate hallucinations specific to Retrieval Augmented Generation (RAG) applications, ensuring even greater security and reliability for generative AI deployments.

Cyber Technology Insights: Oomnitza Enhances ITAM Platform with Security & Usability

To participate in our interviews, please write to our CyberTech Media Room at news@intentamplify.com