Pillar and Frost & Sullivan: what this AI security ranking means

TL;DR: Frost & Sullivan named Pillar Security the 2025 Competitive Strategy Leader in the global generative AI security market, citing AI asset discovery, adversarial red teaming, runtime guardrails, and enterprise deployment support across hybrid, cloud, and on-premise environments. The real takeaway is that AI security is moving from point controls to lifecycle governance across discovery, testing, policy, and runtime enforcement.

NHIMG editorial — based on content published by Pillar Security: A Milestone for Pillar, honored as Frost & Sullivan's 2025 Competitive Strategy Leader for AI Security

By the numbers:

• 96% of technology professionals identify AI agents as a growing security threat, and 66% believe this risk is immediate.
• When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes.

Questions worth separating out

Q: How should security teams govern AI systems that can invoke tools and access data?

A: Security teams should govern AI systems with the same discipline used for high-risk non-human identities: inventory the asset, define ownership, constrain tool access, and monitor runtime actions.

Q: Why do AI agents create a different security problem from standard automation?

A: AI agents create a different problem because they can choose actions at runtime, combine tools dynamically, and change behavior based on context.

Q: How can organisations tell whether their AI controls are actually working?

A: They should look for evidence that inventories are complete, tool access is bounded, and runtime events are being logged and reviewed.

Practitioner guidance

• Map every AI asset to an accountable owner Build an inventory that includes models, prompts, datasets, connected tools, and local environments, then assign explicit ownership for each entry.
• Test AI systems with adversarial scenarios end to end Move beyond prompt-only checks and simulate multi-step abuse across data retrieval, tool invocation, and delegated actions.
• Place enforcement at the runtime layer Use guardrails that evaluate actions as they happen, not only during design review or deployment approval.

What's in the full article

Pillar Security's full blog post covers the operational detail this post intentionally leaves for the source:

• Specific evidence behind Frost & Sullivan’s market assessment of AI security strategy
• Details on the platform’s discovery, red teaming, and runtime guardrail approach
• Architecture notes on hybrid, cloud, and on-premise deployment support
• The report language Pillar used to position AI-native security across the lifecycle

👉 Read Pillar Security's announcement on Frost & Sullivan's AI security recognition →

Pillar and Frost & Sullivan: what this AI security ranking means?

Explore further

View Full Forum →  |  NHI Foundation Course →