Aqua Security Unveils Secure AI for Full Lifecycle Protection

New capabilities include governance and policy-driven detection and response for AI-powered cloud native applications.

Aqua Security unveiled the next phase of its security strategy with the introduction of Secure Artificial Intelligence (AI), designed to provide full lifecycle security from code to cloud to prompt. These capabilities enhance the security of AI applications throughout the development process and into production by ensuring deep visibility, continuous governance, and real-time protection against threats specific to AI workloads, all without requiring changes to application code or development workflows.

As organizations adopt Generative AI (GenAI) and large language models, they expand their attack surfaces, which introduces new risks, including prompt injection and unauthorized use of AI models. IDC anticipates over 1 billion new AI applications by 2028, corresponding to 10 billion containers deployed in cloud native environments. Concurrently, attacks on AI workloads have increased by 400%, targeting the specific layer where AI applications function. Securing these workloads with runtime visibility and control has been a focus for Aqua, which offers robust container-level insights, behavioral detection, and policy enforcement.

“The rise of AI is redefining how applications are built, with most of these workloads deployed in containers,” said Amir Jerbi, CTO and co-founder at Aqua Security. “Aqua has spent nearly a decade protecting cloud native applications, and this extension introduces the same level of runtime protection for AI-powered applications, addressing the unique risks linked to LLMs and evolving AI-driven workflows.”

With Secure AI, security teams can detect AI usage, enforce governance policies, and respond to emerging threats in real time. This includes visibility into AI agent-driven workloads, which helps organizations understand behavior and identify potential risks.

Aqua’s Full Lifecycle Security for AI Applications now includes:

  • AI Code Scanning and Validation – Detects AI usage during development by scanning application code and ensuring secure handling of inputs and outputs related to LLMs and GenAI features.
  • AI Cloud Services Configuration Checks (AI-SPM) – Assesses the security posture of cloud-based AI services to ensure compliance with organizational policies.
  • Runtime Detection and Response to AI Threats – Identifies unsafe AI usage and detects suspicious activity without necessitating changes to applications or code.
  • AI Visibility and Governance at Runtime – Provides comprehensive visibility into AI models and platforms used across environments, mapped to the Open Web Application Security Project (OWASP) Top 10 for LLMs.
  • Prompt Defense – Evaluates Large Language Model (LLM) prompts to identify various types of attacks, including code injection.
  • AI Security Dashboard – Correlates insights from development, infrastructure, and runtime into a unified view of AI-related risks.

Aqua began its focus on AI security in 2024 with the introduction of unique protections for LLM-based applications. This enhancement solidifies the Aqua Platform as the only cloud native security solution offering complete lifecycle protection for AI workloads from code commit to runtime.

“There’s growing demand for AI-specific security controls from customers across every vertical,” said Dror Davidoff, CEO and co-founder at Aqua Security. “By embedding Secure AI into the Aqua Platform, we’re providing security teams with the control and visibility necessary to enable safe and scalable AI innovations.”

Aqua’s solution addresses threats outlined in OWASP’s Top 10 for LLMs and mitigates risks across development, infrastructure, and runtime layers, helping enterprises adopt a structured approach to securing the next generation of cloud native applications.