Aqua Security has unveiled the next phase of its AI security strategy with the introduction of Secure AI, full lifecycle security from code to cloud to prompt. These new capabilities secure AI applications through the development process and into production, including deep visibility, continuous governance, and real-time protection against threats specific to AI workloads, without requiring changes to application code or development workflows. It is security for AI that does not compromise speed.
As organizations race to embrace generative AI and large language models (LLMs), they are unknowingly expanding their attack surface, introducing new risks such as prompt injection, insecure output handling, and unauthorized use of AI models. IDC predicts over 1 billion new AI applications by 2028, translating into 10 billion containers deployed across cloud native environments. At the same time, attacks on AI workloads have surged 400%, targeting the very layer where AI applications execute. That’s why securing AI workloads demands runtime visibility and control. As the cloud native stack becomes the hotbed for running AI applications, Aqua is uniquely positioned to extend its leadership in runtime protection to the emerging challenges of AI security.
“The rise of AI is redefining how applications are built, with most of these workloads deployed in containers,” said Amir Jerbi, CTO at Aqua Security.
“Aqua has spent nearly a decade protecting cloud native applications and this is the natural extension of that leadership. We’re bringing the same deep runtime protection that made Aqua the gold standard in container security to the next generation of AI-powered applications, with AI-first capabilities designed to address the unique risks and complexity introduced by LLMs, autonomous agents, and evolving AI-driven workflows,” Jerbi continued.
With Secure AI, security teams can detect AI usage including models, platforms, and versions, enforce governance policies aligned to OWASP Top 10 for LLMs, and stop emerging threats in real time. This includes visibility into AI agent-driven workloads, helping organizations understand how increasingly autonomous applications behave and where risk may emerge.
Aqua’s full lifecycle security for AI applications now includes:
- AI Code scanning and validation – Detects AI usage during development by scanning application code and validating secure handling of inputs and outputs related to LLMs and generative AI features.
- AI Cloud services configuration checks (AI-SPM) – Assesses the security posture of cloud-based AI services, ensuring configurations align with organizational policies.
- Runtime detection and response to AI threats – Identifies unsafe AI usage, detects suspicious activity, and stops malicious activity, without requiring any changes to your application or code.
- AI visibility and governance at runtime – Provides comprehensive visibility into the AI models, platforms, and versions used across environments, mapped to the OWASP Top 10 for LLMs to enforce usage policies.
- Prompt defense – Evaluates LLM prompts to identify LLM-based attacks, including code injection, jailbreaks, and more.
- AI security dashboard – Correlates insights from development, infrastructure, and runtime into a single-pane-of-glass view of AI-related risks across the organization.
“There’s growing demand for AI-specific security controls from customers across every vertical,” said Dror Davidoff, CEO at Aqua Security. “By embedding Secure AI into the Aqua Platform, we’re giving security teams the control and visibility they need to enable safe and scalable GenAI innovation.”