As AI adoption accelerates, many organizations are discovering they aren't equipped to handle the unique risks associated with AI. In fact, a growing number of companies are struggling to integrate security and governance into their AI initiatives due to siloed teams with their own set of tools and metrics, leading to duplicated efforts and missed opportunities. Jennifer Glenn - Research Director, IDC Security and Trust Group states “One of the biggest challenges for security teams is translating incidents and compliance violations into quantifiable business risk. The rapid adoption of AI and agentic AI amplifies this issue. Unifying AI governance with AI security gives organizations the necessary context to find and prioritize risks, as well as the information to clearly communicate the consequences of not addressing them.”

Announcing the launch of new capabilities in Guardium AI Security, including an out-of-the-box enhanced integration with watsonx.governance, helps businesses keep their agentic AI and other generative AI systems secure and responsible at scale for trustworthy AI.

Guardium AI Security, now available as a Software-as-a-Service (SaaS) offering on AWS Marketplace, allows you to discover shadow AI, secure all AI models and use cases, get real-time protection from malicious prompts (see figure 1).

Figure 1: AI Risk dashboard

What is IBM Guardium AI Security?

Guardium AI Security offers a robust, enterprise-grade solution to manage the security of your AI assets, including AI agents, and brings together security and governance teams on a single set of metrics, for secure and trustworthy AI.

It enables you to secure your AI ecosystem, spanning custom or commercial models and AI services. With the AI Gateway, you can scan and protect the prompts that are coming into your applications, and the output the AI models are generating. Since each organization is unique, you can easily set the policies for different actions to be triggered like code injection, PII exposure, data leakage, and more. AI Security creates an inventory of all AI assets (see figure 2). It identifies all risks and misconfigurations around AI models, agents, and datasets and helps clients easily remediate them. It provides automated compliance workflows for regulations and frameworks so that audits are painless and with the integration with watsonx.governance you can achieve more compliance and governance flows.

Figure 1: AI Inventory

Key Features of Guardium AI Security

• Discover shadow AI to get full visibility into AI use cases to discover generative AI, shadow AI and agentic AI. Enable automated and continuous monitoring for AI models in your cloud, code repositories and embedded AI.
• Detect security vulnerabilities and misconfigurations and run automated penetration tests. Easily map the results to common assessment frameworks such as OWASP Top 10 for LLM, NIST AI RMF for easy remediation.
• Monitor prompts to your AI and define the security policies. This allows you to better secure your AI application.
• Manage AI to meet safety, transparency and privacy regulations and policies worldwide

IBM Guardium AI Security use cases

• Discovery: Discover which AI models are in use across your cloud AI providers, code repositories, embedded AI including shadow AI that may be unknown to security teams, and view an inventory of AI related assets.  
• Secure models: Track sanctioned models, identify all risks and vulnerabilities that contribute to your overall risk posture (see figure 3), and facilitate extensive pen-testing tests (AI Red-teaming) according to a rich library of behavioral policies
• Mandate safe usage: Detect when misconfigurations are present that could leave AI deployments vulnerable to common attack vectors like prompt injection, mapped to common security frameworks like the OWASP Top 10 for LLM, NIST AI RMF, MITRE
• Ensure AI Compliance: Proactive recommendations to mitigate risks and adhere to global data privacy and emerging AI regulations. 
• Model usage risk: Evaluate and monitor for fairness, accuracy, and drift, while protecting from harmful content using an integration with watsonx.governance.
• Lifecycle governance: Consistently manage, monitor and govern AI from AWS, IBM and other 3^rd party providers.

Figure 3: AI Security Posture Management

IBM and AWS Integrations

Guardium AI Security was built from the ground up as a native AWS solution and this translates into simple and fast integration with the AWS cloud accounts that you are targeting for security. Once integrated, which is typically done in minutes, the integrated discovery engines will identify all AI-related assets and subject them to further inspection to evaluate AI Risk. Naturally this includes the core AWS AI development platforms Amazon Sagemaker and Amazon Bedrock, but also adjacent technologies like S3 buckets (which are scanned for AI-related assets), AWS Secrets and even Jupyter notebooks, as all of these are known to be a factor in the AI ecosystem.  Guardium AI Security supports over 90 AWS/Amazon services relevant to AI projects on AWS. (see figure 4).

Figure 4: AWS/Amazon supported AI related assets

Benefits of procuring IBM Guardium AI Security from AWS Marketplace

Guardium AI Security on AWS Marketplace (see figure 5) provides procurement and IT teams with a consolidated and convenient billing process through their AWS accounts, eliminating traditional barriers to adoption and simplified SaaS onboarding process.

Figure 5: Guardium AI Security AWS Marketplace listing

Conclusion and next steps

Guardium AI Security is an offering that enables safe, secure, responsible usage of AI in the Enterprise.    IBM Guardium AI Security enables organizations to discover all the AI models, agents, and assets, known and unknown in the enterprise. Once discovered, policies are created and applied making sure only approved AI is used moving forward. AI security vulnerabilities and misconfigurations are continually monitored to surface and prioritize risks with the usage and implementation.  Guardrails are implemented to control the data that is input to the models and output from the models.    The user interface provides views and dashboards for both AI Security and Compliance teams to do their jobs. 

Getting started with IBM Guardium AI Security on AWS Marketplace is easy:

1.     Visit the IBM Guardium AI Security AWS Marketplace Listing.

2.     To learn more about how IBM Guardium AI Security visit the IBM Guardium AI Security product page.

3.     Book a live demo