As AI applications become more common, protecting them from cyber threats is increasingly important. Microsoft’s new AI threat protection feature in Defender for Cloud helps organizations detect and respond to security risks in generative AI systems.
Microsoft Defender for Cloud is a security solution designed to protect cloud-based applications and workloads against cyber attacks and vulnerabilities. It provides features like Cloud-Native Application Protection Platform (CNAPP), Unified DevOps Security Management, Cloud Security Posture Management (CSPM), and Cloud Workload Protection Platform (CWPP). Microsoft Defender for Cloud supports multicloud and hybrid environments, including Azure, AWS, and Google Cloud Platform.
In Microsoft Defender for Cloud, the AI threat protection feature uses Azure AI Content Safety Prompt Shields and Microsoft’s threat intelligence to detect security threats like data leakage, data poisoning, credential theft, and jailbreaking. It then triggers alerts to notify the Security Operations Center (SOC) of potential breaches or AI model tampering, which helps maintain the integrity and security of AI resources.
“Threat protection for AI workloads integrates with the Defender XDR, allowing security teams to centralize AI workload alerts in the Defender XDR portal. Security teams can correlate AI workload alerts and incidents in the Defender XDR portal to understand the full scope of an attack, including malicious activities related to their generative AI applications,” Microsoft explained.
To enable threat protection for AI workloads, administrators will need to follow the steps mentioned below:
The AI threat protection feature is currently available in preview for Defender for Cloud customers. Keep in mind that Microsoft advises against opting out of prompt-based triggered alerts for Azure OpenAI content filtering, as doing so would disable a key monitoring tool. This could significantly weaken Defender for Cloud’s ability to detect and respond to security threats.