Karambit.AI Logo

Date: 09/16/2025

Vendor: Karambit.AI

Technology/Topic: Software Behavior Assurance for Safety and Cybersecurity

URL: https://karambit.ai

TEM Presentation Slide Deck

=====================================

Welcome to the Technical Exchange Meeting (TEM)!

Attackers are increasingly targeting software supply chains to harm the DoD and DIB, thereby undermining warfighter readiness and capability, as shown by the Solarwinds and XZ-utils attacks. Karambit.AI delivers software understanding by automatically evaluating behavioral risks associated with safety, security, and effectiveness, without requiring source code or execution. This approach enhances software safety and security while accelerating deployment. It also provides a clear understanding of how software updates might impact system reliability, expressed in natural human language.

Currently, our cybersecurity solution for detecting hidden behaviors is operational with Microsoft, where it scans over 4 billion files monthly, blocking threats that other cybersecurity tools fail to detect. Additionally, we have showcased our proficiency by conducting behavior analysis on AF Platform One Docker images and collaborating with various commercial software companies for deep behavioral risk analysis of their software. Our capabilities are currently awardable to the DoD on the Platform One Solutions Marketplace.

Our analysis capabilities extend to embedded firmware with demonstrations using drone autopilot software and multiple types of medical device firmware. This technology facilitates the swift deployment of safety-critical firmware updates while maintaining a high standard of security and reliability.

Our capability is unique in that it can understand software behavior from the to be deployed software itself, assessing the risk of hidden malicious behaviors compromising DoD and our other customers’ systems. Unlike other solutions we do not require source code nor execution, allowing us to find hidden attacks and evasions that other technologies would miss. We also go beyond cybersecurity risks, to deeply understand the safety and effectiveness implications of software behavior and how those may change from one version of the software to another.

=====================================

To join the DISA TEM mailing list, please contact: disa.tem@mail.mil

=====================================

Disclaimer:

— TEMs do not serve as a marketing venue or request for proposal actions.

— TEMs shall not be interpreted as a commitment by the Government to issue a solicitation or ultimately award a contract.

— TEMs do not serve as an endorsement of any presented technologies or capabilities

— Presentations will not be considered as proposals nor will any awards be made as a result of a TEM session.

— TEMs are public open forums – no proprietary or sensitive information should be presented during TEM sessions. Only publicly facing content is permissible in DISA TEM sessions.  

=====================================