Agentic AI is redefining the cybersecurity landscape — introducing new opportunities that demand rethinking how to secure AI while offering the keys to addressing those challenges.
Unlike standard AI systems, AI agents can take autonomous actions — interacting with tools, environments, other agents and sensitive data. This provides new opportunities for defenders but also introduces new classes of risks. Enterprises must now take a dual approach: defend both with and against agentic AI.
Building Cybersecurity Defense With Agentic AI
Cybersecurity teams are increasingly overwhelmed by talent shortages and growing alert volume. Agentic AI offers new ways to bolster threat detection, response and AI security — and requires a fundamental pivot in the foundations of the cybersecurity ecosystem.
Agentic AI systems can perceive, reason and act autonomously to solve complex problems. They can also serve as intelligent collaborators for cyber experts to safeguard digital assets, mitigate risks in enterprise environments and boost efficiency in security operations centers. This frees up cybersecurity teams to focus on high-impact decisions, helping them scale their expertise while potentially reducing workforce burnout.
For example, AI agents can cut the time needed to respond to software security vulnerabilities by investigating the risk of a new common vulnerability or exposure in just seconds. They can search external resources, evaluate environments and summarize and prioritize findings so human analysts can take swift, informed action.
Leading organizations like Deloitte are using the NVIDIA AI Blueprint for vulnerability analysis, NVIDIA NIM and NVIDIA Morpheus to enable their customers to accelerate software patching and vulnerability management. AWS also collaborated with NVIDIA to build an open-source reference architecture using this NVIDIA AI Blueprint for software security patching on AWS cloud environments.
AI agents can also improve security alert triaging. Most security operations centers face an overwhelming number of alerts every day, and sorting critical signals from noise is slow, repetitive and dependent on institutional knowledge and experience.
Top security providers are using NVIDIA AI software to advance agentic AI in cybersecurity, including CrowdStrike and Trend Micro. CrowdStrike’s Charlotte AI Detection Triage delivers 2x faster detection triage with 50% less compute, cutting alert fatigue and optimizing security operation center efficiency.
Agentic systems can help accelerate the entire workflow, analyzing alerts, gathering context from tools, reasoning about root causes and acting on findings — all in real time. They can even help onboard new analysts by capturing expert knowledge from experienced analysts and turning it into action.
Enterprises can build alert triage agents using the NVIDIA AI-Q Blueprint for connecting AI agents to enterprise data and the NVIDIA Agent Intelligence toolkit — an open-source library that accelerates AI agent development and optimizes workflows.
Protecting Agentic AI Applications
Agentic AI systems don’t just analyze information — they reason and act on it. This introduces new security challenges: agents may access tools, generate outputs that trigger downstream effects or interact with sensitive data in real time. To ensure they behave safely and predictably, organizations need both pre-deployment testing and runtime controls.
Red teaming and testing help identify weaknesses in how agents interpret prompts, use tools or handle unexpected inputs — before they go into production. This also includes probing how well agents follow constraints, recover from failures and resist manipulative or adversarial attacks.
Garak, a large language model vulnerability scanner, enables automated testing of LLM-based agents by simulating adversarial behavior such as prompt injection, tool misuse and reasoning errors.
Runtime guardrails provide a way to enforce policy boundaries, limit unsafe behaviors and swiftly align agent outputs with enterprise goals. NVIDIA NeMo Guardrails software enables developers to easily define, deploy and rapidly update rules governing what AI agents can say and do. This low-cost, low-effort adaptability ensures quick and effective response when issues are detected, keeping agent behavior consistent and safe in production.
Leading companies such as Amdocs, Cerence AI and Palo Alto Networks are tapping into NeMo Guardrails to deliver trusted agentic experiences to their customers.
Runtime protections help safeguard sensitive data and agent actions during execution, ensuring secure and trustworthy operations. NVIDIA Confidential Computing helps protect data while it’s being processed at runtime, aka protecting data in use. This reduces the risk of exposure during training and inference for AI models of every size.
NVIDIA Confidential Computing is available from major service providers globally, including Google Cloud and Microsoft Azure, with availability from other cloud service providers to come.
The foundation for any agentic AI application is the set of software tools, libraries and services used to build the inferencing stack. The NVIDIA AI Enterprise software platform is produced using a software lifecycle process that maintains application programming interface stability while addressing vulnerabilities throughout the lifecycle of the software. This includes regular code scans and timely publication of security patches or mitigations.
Authenticity and integrity of AI components in the supply chain is critical for scaling trust across agentic AI systems. The NVIDIA AI Enterprise software stack includes container signatures, model signing and a software bill of materials to enable verification of these components.
Each of these technologies provides additional layers of security to protect critical data and valuable models across multiple deployment environments, from on premises to the cloud.
Securing Agentic Infrastructure
As agentic AI systems become more autonomous and integrated into enterprise workflows, the infrastructure they rely on becomes a critical part of the security equation. Whether deployed in a data center, at the edge or on a factory floor, agentic AI needs infrastructure that can enforce isolation, visibility and control — by design.
Agentic systems, by design, operate with significant autonomy, enabling them to perform impactful actions that can be both beneficial or potentially harmful. This inherent autonomy requires protecting runtime workloads, operational monitoring and strict enforcement of zero-trust principles to secure these systems effectively.
NVIDIA BlueField DPUs, combined with NVIDIA DOCA Argus, provides a framework that enables applications to access comprehensive, real-time visibility into agent workload behavior and accurately pinpoint threats through advanced memory forensics. Deploying security controls directly onto BlueField DPUs, rather than server CPUs, further isolates threats at the infrastructure level, substantially reducing the blast radius of potential compromises and reinforcing a comprehensive, security-everywhere architecture.
Integrators also use NVIDIA Confidential Computing to strengthen security foundations for agentic infrastructure. For example, EQTYLab developed a new cryptographic certificate system that provides the first on-silicon governance to ensure AI agents are compliant at runtime. It will be featured at RSA this week as a top 10 RSA Innovation Sandbox recipient.
NVIDIA Confidential Computing is supported on NVIDIA Hopper and NVIDIA Blackwell GPUs, so isolation technologies can now be extended to the confidential virtual machine when users are moving from a single GPU to multi-GPUs.
Secure AI is provided by Protected PCIe and builds upon NVIDIA Confidential Computing, allowing customers to scale workloads from a single GPU to eight GPUs. This lets companies adapt to their agentic AI needs while delivering security in the most performant way.
These infrastructure components support both local and remote attestation, enabling customers to verify the integrity of the platform before deploying sensitive workloads.
These security capabilities are especially important in environments like AI factories — where agentic systems are beginning to power automation, monitoring and real-world decision-making. Cisco is pioneering secure AI infrastructure by integrating NVIDIA BlueField DPUs, forming the foundation of the Cisco Secure AI Factory with NVIDIA to deliver scalable, secure and efficient AI deployments for enterprises.
Extending agentic AI to cyber-physical systems heightens the stakes, as compromises can directly impact uptime, safety and the integrity of physical operations. Leading partners like Armis, Check Point, CrowdStrike, Deloitte, Forescout, Nozomi Networks and World Wide Technology are integrating NVIDIA’s full-stack cybersecurity AI technologies to help customers bolster critical infrastructure against cyber threats across industries such as energy, utilities and manufacturing.
Building Trust as AI Takes Action
Every enterprise today must ensure their investments in cybersecurity are incorporating AI to protect the workflows of the future. Every workload must be accelerated to finally give defenders the tools to operate at the speed of AI.
NVIDIA is building AI and security capabilities into technological foundations for ecosystem partners to deliver AI-powered cybersecurity solutions. This new ecosystem will allow enterprises to build secure, scalable agentic AI systems.
Join NVIDIA at the RSA Conference to learn about its collaborations with industry leaders to advance cybersecurity.
See notice regarding software product information.
