The shift to microservices-based architectures has transformed modern application development, providing flexibility and scalability while introducing new security challenges. With this architecture, engineering teams now face exponentially increased responsibilities, including network security, identity management, and vulnerability scanning across numerous services. According to NVIDIA, manual vulnerability patching is increasingly impractical, and automation is required for consistent and scalable security measures.
Automation with NVIDIA AI Blueprint
NVIDIA’s AI Blueprint provides a solution for automating vulnerability remediation early in the continuous integration (CI) pipeline. This method leverages NVIDIA NIM microservices, NVIDIA Morpheus, and AWS cloud native services such as Amazon EKS, AWS Lambda, and Amazon Inspector. This setup not only accelerates threat response but also ensures compliance with regulatory requirements.
NVIDIA Morpheus: Real-time threat detection
NVIDIA Morpheus is a GPU-accelerated AI framework for cybersecurity applications that uses machine learning models to detect security threats such as phishing and malware. Morpheus integrates with your existing security infrastructure to improve your organization’s threat detection capabilities in near real-time.
AI Blueprint for Vulnerability Analysis
The NVIDIA AI Blueprint for Vulnerability Analysis, built with Morpheus, automates the detection and remediation of common vulnerabilities and exposures (CVEs). It ensures comprehensive vulnerability analysis by processing code repositories and gathering intelligence from public security databases to maintain an up-to-date knowledge base.
Implementing AI Blueprint on AWS
Integrating the NVIDIA AI Blueprint with AWS services such as Amazon ECR and Amazon Inspector simplifies the process of scanning and analyzing container images for vulnerabilities. This setup uses Amazon EventBridge and AWS Lambda for event-driven automation to increase efficiency and reduce operational overhead.
Full solution architecture
The architecture involves several steps, from packaging application code to analyzing vulnerabilities. When Amazon Inspector scans an image, the results are updated in a database, triggering further analysis and issue creation through Amazon Bedrock. This approach allows engineering teams to focus on business value while maintaining high security standards.
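The event-driven step above can be sketched as the filter a Lambda function would run on each Amazon Inspector finding delivered by EventBridge, deciding which findings are handed to the analysis stage. This is an added example, not code from NVIDIA or AWS: the function name, the HIGH threshold and the output field names are assumptions, and the sample event is constructed.

```python
# Added example (not NVIDIA's or AWS's code). The event shape follows the EventBridge
# "Inspector2 Finding" event; all sample values below are constructed placeholders.
SEVERITY_RANK = {"INFORMATIONAL": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

SAMPLE_EVENT = {
    "source": "aws.inspector2",
    "detail-type": "Inspector2 Finding",
    "detail": {
        "status": "ACTIVE", "type": "PACKAGE_VULNERABILITY", "severity": "CRITICAL",
        "packageVulnerabilityDetails": {
            "vulnerabilityId": "CVE-0000-00000",  # placeholder, not a real CVE
            "vulnerablePackages": [{"name": "examplelib", "version": "1.2.3"}],
        },
        "resources": [{
            "type": "AWS_ECR_CONTAINER_IMAGE",
            "details": {"awsEcrContainerImage": {
                "repositoryName": "example/app", "imageHash": "sha256:" + "0" * 64}},
        }],
    },
}


def extract_scan_request(event, min_severity="HIGH"):
    """Return the image and CVE to analyze, or None if the event should be skipped."""
    if (event.get("source"), event.get("detail-type")) != ("aws.inspector2", "Inspector2 Finding"):
        return None
    detail = event.get("detail") or {}
    if detail.get("status") != "ACTIVE" or detail.get("type") != "PACKAGE_VULNERABILITY":
        return None  # closed/suppressed findings and non-package findings are ignored
    # Severities outside the table (e.g. UNTRIAGED) rank below every threshold.
    if SEVERITY_RANK.get(detail.get("severity"), -1) < SEVERITY_RANK[min_severity]:
        return None
    vuln = detail.get("packageVulnerabilityDetails") or {}
    images = [r.get("details", {}).get("awsEcrContainerImage")
              for r in detail.get("resources", [])
              if r.get("type") == "AWS_ECR_CONTAINER_IMAGE"]
    images = [i for i in images if i and i.get("imageHash")]
    if not images or not vuln.get("vulnerabilityId"):
        return None
    return {
        "vulnerability_id": vuln["vulnerabilityId"],
        "severity": detail["severity"],
        "repository": images[0].get("repositoryName"),
        "image_digest": images[0]["imageHash"],  # digest, because tags are mutable
        "packages": sorted({f"{p.get('name')}@{p.get('version')}"
                            for p in vuln.get("vulnerablePackages", [])}),
    }
```

Keying the request on the image digest rather than a tag keeps the later analysis tied to the exact image that was scanned.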
Overall, NVIDIA’s AI Blueprint, combined with AWS services, simplifies the traditionally complex security patching process. This automation allows engineering teams to increase security without additional operational burden.