Check Point Software Technologies Ltd. today revealed it has developed a cybersecurity platform to secure artificial intelligence (AI) factories in collaboration with NVIDIA.

Announced at the NVIDIA GTC conference, the AI Cloud Protect platform enables cybersecurity teams to leverage dynamic objects to enforce policies in real time using NVIDIA BlueField-3 data processing units (DPUs) to offload processing from graphics processing units (GPUs).

Validated to run on NVIDIA RTX PRO Servers, AI Cloud Protect leverages the unique direct memory access enabled by the Argus extension of the NVIDIA Data Center Infrastructure-on-a-Chip Architecture (DOCA) framework to provide visibility into all running processes on the AI node.

Aaron Rose, security architect manager in the Office of the CTO for Check Point, said the AI Cloud Protect platform enables Check Point to detect and prevent host-level malicious processes and workloads that are being used to, for example, poison an AI model, inject malicious prompts, or inadvertently expose that AI model to sensitive data.

That ability to unify the management and automation of security orchestration across thousands of nodes is needed to secure AI attack surfaces that span massive compute and data pipelines typical of a highly distributed computing environment, he added. In effect, Check Point is employing hyper-segmentation and, when needed, virtual patching to secure those nodes using the same core management framework it already provides to manage cybersecurity workflows, noted Rose.

The overall goal is to provide a frictionless approach to applying security policies that doesn’t slow the pace of AI training or deployment of inference engines in a production environment, he added.

It’s not clear who within organizations is taking the lead on securing AI platforms. While cybersecurity teams are inevitably held accountable for any breach, data science teams generally have a high appreciation for any type of threat that would require them to retrain a model that took months to build, noted Rose.

Unfortunately, cybercriminals have already taken note of AI applications and infrastructure, which from their perspective only serve to add another set of rich potential targets to exploit.

Regardless of approach, securing AI applications on an end-to-end basis will require cybersecurity teams to revisit existing workflows and processes as thousands of AI agents are deployed across the enterprise. Each of those AI agents has its own set of identities and permissions so from a cybersecurity perspective it’s roughly equivalent to adding thousands of endpoints that are likely to be targeted by malicious actors.

In most cases, those AI agents will hopefully inherit the permissions and controls that already apply to the end users that created them. However, there will be AI agents that are able to autonomously perform tasks on behalf of a team, each of which will need to be individually secured.

More challenging still, many of those AI agents will attempt to access any and all data available unless specific guardrails have been implemented to prevent that from occurring.

Ultimately, ensuring security in the age of agentic AI will require some additional foresight. Otherwise, organizations are about to once again learn some painful cybersecurity lessons about securing emerging technologies the hardest way possible.