Hardening Gen AI Application Security with Microsoft Defender for Cloud

Among the avalanche of security announcements this week, Microsoft has kicked off the first day of RSAC 2024 by unveiling new capabilities to protect Gen AI applications in the enterprise with Microsoft Defender for Cloud.

Microsoft announced AI security posture management (AI-SPM), currently in limited preview, as part of Defender Cloud Security Posture Management (CSPM). It aims to leverage Microsoft Azure AI services, such as Microsoft Azure AI Content Safety and Azure OpenAI, to provide ongoing surveillance of AI applications, detecting any irregular behavior, consolidating observations and enhancing security alerts with logged evidence.

Figure 1.

"The new AI posture capabilities in Defender CSPM discover GenAI artifacts by scanning code repositories for Infrastructure-as-Code (IaC) misconfigurations and scanning container images for vulnerabilities," wrote Microsoft's Shiran Horev in a blog post. "With this, security teams have full visibility of their AI stack from code to cloud and can detect and fix vulnerabilities and misconfigurations before deployment."

Among its new security capabilities, AI-SPM will be able to:

  • Continuously discover GenAI application components and AI-artifacts from code to cloud.
  • Explore and remediate risks to GenAI applications with built-in recommendations to strengthen security posture.
  • Identify and remediate toxic combinations in GenAI applications using attack path analysis.
  • Detect attacks on GenAI applications, powered by Azure AI Content Safety prompt shields, Microsoft threat intelligence signals, and contextual activity monitoring.
  • Hunt and investigate attacks in GenAI apps with built-in integration with Microsoft Defender.

Furthermore, Microsoft is releasing threat protection for AI workloads in Microsoft Defender for Cloud in preview. This new feature will natively integrate with Azure OpenAI Service, Azure AI Content Safety prompt shields and Microsoft threat intelligence to deliver contextual and actionable security alerts in real time.
The new feature can also link with Microsoft Defender XDR to enable security teams to correlate AI workload-related security alerts with broader security incidents to provide enterprises with a more complete view of their security standing.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

