AI Runtime Security Overview
Focus
Focus
AI Runtime Security

AI Runtime Security Overview

Table of Contents

AI Runtime Security Overview

Introduce the AI Runtime Security posture management solution from Palo Alto Networks to protect your network architecture against network threats.
Where Can I Use This?What Do I Need?
  • AI Runtime Security
The AI Runtime Security provides centralized network security posture management to discover and protect your AI and non-AI network traffic and secure your next-generation AI models, AI applications, and AI datasets from network attack threats such as prompt injections, sensitive data leakage, insecure output (for example, malware and URLs), and model DoS attacks.
To defend your architecture, deploy an AI Runtime Security instance in your network architecture.
An AI Runtime Security instance is a specific deployment of AI Runtime Security within your cloud environment. It uses AI-powered real-time Inline Cloud Analysis services to continuously monitor the network traffic between your AI applications, AI models, and AI datasets to detect, mitigate, or remediate malicious threats.
AI Runtime Security provides AI application protection, AI model protection, and AI data protection.

AI Runtime End-to-End Security Workflow

The AI Runtime Security instance monitors both AI and non-AI traffic within the protected workloads of your cloud environment. Its security posture offers a comprehensive workflow covering ingress, egress, and east-west traffic.
Deployment Profile Activation on Hub
To begin with, activate your AI Runtime licenses, and create an AI runtime deployment profile in the Palo Alto Customer Support Portal (CSP), associate it with a TSG, and activate the cloud tenant.
Activation and Onboarding of Cloud Account in Strata Cloud Manager
This involves configuring the cloud account in the Strata Cloud Manager with the service account and deploying the generated Terraform in your cloud environment. The Terraform script creates AI Runtime Security resources and grants necessary permissions to enable asset discovery from Strata Cloud Manager.
Discovery of Application Workloads
Following the successful activation of your account, the Strata Cloud Manager InsightsAI Runtime Security dashboard provides a consolidated overview of the identified cloud assets and the network traffic pathways—between applications and AI models, user applications to the internet, and external applications to user applications. This interactive view assists in analyzing risks associated with unprotected applications and evaluating potential threats.
AI Runtime Security instance Deployment in the Cloud
Deploy the AI Runtime Security instance in your cloud environment to protect vulnerable assets and monitor network traffic flow based on the risk analysis from the Strata Cloud Manager dashboard.
Defend with Granular Security Policies
To defend and prevent potential AI attacks create specific security policies and push the onboarding rules and policy configuration snippets from Strata Cloud Manager to the AI Runtime Security instance.
Define AI security profiles for application protection, AI model protection, and data protection with capabilities for alert actions, blocking actions, and log forwarding.
You can define security policy rules for a zone or a Dynamic Address Group.
As AI traffic flows from VM-based applications to models, the deployed AI Runtime Security instance connects to the cloud service to fetch the AI traffic and threat logs.
It monitors and applies the security rules to identify threats. Detailed logs are available for analysis in Strata Cloud Manager under Incidents and AlertsLog ViewerFirewall/AI Security
.

Comprehensive AI Runtime Security Solution in Strata Cloud Manager

The AI Runtime Security instance provides visibility and security insights into your cloud network architecture. The Strata Cloud Manager Command Center dashboard provides a holistic graphical view of all the cloud assets discovered and prioritizes the threats based on severity. The Strata Cloud Manager dashboard helps to assess and provides actionable insights on the risky network traffic flow between user applications, AI models, and the internet.
To secure your cloud network architecture, create an AI Runtime Security deployment profile in CSP and onboard your cloud account in Strata Cloud Manager.
In Strata Cloud Manager, go to Insights → AI Runtime Security and click on Get Started.
Landscape Discovery
Discover all the cloud assets and correlate the AI network traffic interactions between the discovered resources such as AI applications, AI models, and AI data. The Cloud Application Command Center in Strata Cloud Manager provides holistic runtime posture management. It summarizes the threats breakdown based on the severity of risks and the category of the risk identified such as vulnerability detection, URL security, and Prompt Injection.
You can further drill down into each asset discovery to assess the threat and place an AI Runtime Security instance to protect the network traffic flow between AI applications, AI models, and the Internet.
Deploy Protections
Deploy an AI Runtime Security instance to secure the network traffic path between discovered assets. The protection configuration generates a Terraform script for your cloud network architecture. Download, customize, and deploy it in your cloud network to create the necessary resources. This allows Strata Cloud Manager to access, discover, and monitor your protected cloud assets in real time. See Deploy AI Runtime Security: Network Intercept in Public Clouds.
Threat Detections
The AI Network flow logs help you to detect and flag runtime malicious threats and correlate them with cloud assets discovered in the Strata Cloud Manager Command Center dashboard.
Traffic Protection
Defend all network transactions and prevent AI and non-AI-related network threats by creating security policy rules. To prevent security threats, create an AI security profile configured with AI application protection, AI model protection, and AI data protection.
Create an AI security profile, attach this profile to a security profile group, create a security policy, and attach this security profile group to this policy. Push policy configurations to the AI Runtime Security instance in your AI network architecture.
The AI Runtime Security instance enforces policy rules on traffic and generates logs with the verdict. View threat logs filtered by AI security threats in Strata Cloud Manager under Incidents and Alerts > Log Viewer.