Cisco brings AI assistant to cloud app security service

Cisco is launching a generative AI-based assistant to help customers handle cloud-native application security issues more quickly and efficiently.

The Cisco AI Assistant for Panoptica will help businesses streamline, prioritize, and remediate risks and misconfigurations in multi-cloud environments, according to Vijoy Pandey, senior vice president of Cisco’s Outshift advanced development group, who wrote about the product in a blog.

Cisco’s Panoptica package, developed by Outshift and available since September, is a cloud-native security platform designed to secure cloud applications from development to deployment with a focus on protecting containerized, microservice applications running on platforms such as Kubernetes. 

The platform allows customers to define and enforce security policies through tools like Terraform, and it monitors application behavior to detect and prevent threats in real time, according to Cisco. This includes features found in intrusion detection and prevention systems and specifically designed for cloud-native environments.

The newly added AI Assistant understands plain, everyday language and offers instant, custom assistance in prioritizing, investigating, and remediating a customer’s specific security issues, Pandey stated. “So, you can ask things like ‘What are my most important vulnerabilities?’ and ‘Help me understand this attack path and how to fix it.’ Consequently, it has awareness and intelligence about your live environment including all the data Panoptica tracks about your posture, vulnerabilities, and attack paths,” Pandey wrote.

“More excitingly, this Generative AI-based UI has a ‘lens-like’ interface feature that lets you get answers scoped to whatever part of the Panoptica UI that you focus the ‘lens’ on (including detailed Attack Paths), saving you the trouble of rephrasing that context yourself,” Pandey stated.

And it does all this with an architecture that follows the principles of responsible AI, according to Pandey. “For example, the Cisco AI Assistant for Panoptica does not let your Panoptica data be retained by any large language model,” he wrote.

In addition to the AI Assistant, Outshift has added an LLM security and protection suite to Panoptica. Called GenAI Protection, the suite is designed to help enterprises guard their generative AI-based applications against the top security risks and attack vectors that target LLMs (the top risks are defined by industry-leading security frameworks such as Open Worldwide Application Security Project Top Ten, MITRE, and NIST, Pandey stated).

“With our GenAI Protection, organizations can better understand training and fine-tuning data, models and artifacts such as AI Bill of Materials (AI BOM) vulnerabilities, or infusing model inference such as prompt inject and insecure prompt handling,” Pandey wrote. “Simply put, it detects malicious prompts made by users, blocks them, and reports them in Panoptica, as part of API security.