As artificial intelligence continues to proliferate across cloud, core, and edge environments, cybersecurity becomes increasingly important for modern enterprises. AI factories have emerged as a new class of computing infrastructure, purpose-built to support AI workloads at every scale. They present unique security requirements that traditional endpoint protection solutions struggle to address effectively—challenges that will only intensify with the rise of agentic AI. Protecting the AI factory is essential, as it houses some of an enterprise’s most valuable assets—data, models, intellectual property, and the operational systems that power AI innovation. Together with the massive computational demands, distributed architectures, and real-time processing requirements of AI workloads, these forces are driving the need for new, innovative security approaches in AI factories.
The path forward is clear: securing AI requires moving beyond bolt-on solutions to built-in, full-stack protection. This post reveals how Trend Vision One™, running on NVIDIA BlueField DPUs, is setting a new standard, combining hardware acceleration, real-time workload visibility, and advanced threat intelligence to protect AI factories at scale—without sacrificing performance.
The AI Factory Security Challenge
Modern AI factories face several key security needs and challenges that traditional tools were not designed to handle:
- Scale and Performance: AI workloads require enormous computational resources, and traditional security solutions can significantly impact performance. Many AI applications cannot tolerate the latency introduced when traditional security inspection is applied. When security processing competes with AI computation for CPU resources, it degrades the very capabilities organizations are trying to protect. Addressing these challenges requires security mechanisms that operate at line speed without consuming valuable compute cycles.
- Distributed Architecture: AI workloads scale across dozens—or even hundreds—of physical nodes. AI factories are often multi-tenant and span multiple data center environments. This distributed nature introduces complex attack surfaces with numerous potential entry points requiring consistent policy enforcement, real-time visibility, and coordinated defense across the environment.
- Comprehensive Visibility: Securing AI infrastructure requires comprehensive, real-time visibility across every layer of the stack—from the state of AI workloads at runtime, to the underlying infrastructure where modern attacks often originate. However, traditional endpoint security tools were designed to monitor individual devices, not the complex, distributed environments of AI factories—leaving critical blind spots that attackers can exploit.
Introducing Trend Vision One AI Factory EDR
Trend Micro has teamed up with NVIDIA to introduce a new era of security for AI factories—one where protection is not an afterthought, but an integral part of the infrastructure itself. With AI Factory EDR, Trend combines the threat intelligence and analytics of Trend Vision One™ with the robust, autonomous security processing of NVIDIA BlueField DPUs, delivering real-time protection at the speed and precision of AI. Security operations are now embedded within the infrastructure of the AI factory, without competing for CPU cycles or degrading performance, continuously securing the infrastructure and workloads at runtime.
Trend Vision One with a focus on AI Factory EDR gives enterprises unified visibility and control across every node and workload within their AI infrastructure. It continuously monitors workload behavior—tracking processes, system activity, and file operations—and correlates this telemetry with continuously updated global threat intelligence to detect and contain threats before they can spread.
With AI Factory EDR, security teams gain comprehensive insight into the operation of AI workloads across the entire AI factory, enabling them to detect and respond to both known and emerging threats in real time—minimizing risk and reducing potential impact.
NVIDIA BlueField DPUs are built into NVIDIA-accelerated systems and AI factories, powering the networking, data, and security infrastructure that enterprises deploy to run AI at scale. AI Factory EDR builds on this pervasive foundation, seamlessly integrating Trend Vision One’s advanced detection and response capabilities into BlueField-powered environments. This makes it easy for enterprises to add advanced security where AI workloads already run—delivering protection with the same performance, scalability, and efficiency that drive their AI operations.
Inside the AI Factory EDR
At the heart of this capability is a simple but powerful idea—security should run within the AI infrastructure, not on top of it. Built on NVIDIA BlueField DPUs, Trend Vision One AI Factory EDR leverages the NVIDIA DOCA software platform to deliver protection at the infrastructure and workload layers. This unique integration enables Trend Vision One to deploy a lightweight, autonomous agent directly on BlueField, combining hardware isolation, runtime visibility, and advanced threat detection to protect AI workloads at runtime.
NVIDIA BlueField data processing units are purpose-built processors that offload, accelerate, and isolate infrastructure and security operations—enabling high-performance networking, data movement, and cybersecurity processing that power AI at scale. By offloading these functions from the host CPU into dedicated processing engines, BlueField enforces security policies autonomously—ensuring protection even if the host is compromised. Operating in a separate trust domain, it continuously monitors host behavior, application processes, traffic patterns and other indicators without impacting performance. This distributed, zero-trust security model enables line-speed visibility and enforcement, ensuring that every data packet and process interaction within the AI factory is both observable and secure.
A key element that makes AI Factory EDR possible is the integration of the DOCA Argus microservice, which provides real-time situational awareness and runtime threat detection by inspecting host memory using advanced memory forensics. Operating at the hardware level, Argus performs live machine introspection—analyzing specific segments of volatile host memory to detect threats in real time without impacting system performance. To preserve privacy, it extracts information only from kernel structures, never from user data.
Unlike conventional security tools, DOCA Argus runs independently of the host, requiring no agents, software integration, or reliance on host-based resources. This agentless, zero-overhead design enhances system efficiency and resilience across bare-metal, virtualized, containerized, and multi-tenant environments. By operating in an isolated trust domain, Argus remains invisible to attackers—even if the host system is compromised.
Argus continuously collects telemetry on flow data, process events, and security metrics through Fluent Bit, streaming this information to the Trend Vision One™ Endpoint Security agent running on BlueField. The data is then correlated with Trend’s global threat intelligence, enabling rapid detection of threats such as credential abuse, reverse shells, and other malicious activities specific to AI workloads. This continuous feedback loop provides security teams with real-time, multi-layered visibility into workload behavior across network, host, and application layers—transforming raw telemetry into actionable insight and forensic evidence for investigation and response.
Detecting and Responding to Advanced Threats
Through this integration, AI Factory EDR addresses several critical security scenarios unique to AI infrastructures:
- Credential Dump Detection: AI environments often hold credentials for cloud services, data repositories, and internal systems. The solution monitors for unauthorized access attempts and credential harvesting activities that signal potential compromise.
- Reverse Shell Detection: Attackers frequently use reverse shells to gain persistent access to AI infrastructure. The DPU-based monitoring detects these covert communication patterns, even when hidden within legitimate AI traffic.
- Suspicious Object Detection: AI systems process massive volumes of data and host models. AI Factory EDR can identify suspicious files, malicious model payloads, or unauthorized data transfers that may indicate an attack or data exfiltration attempt.
- Threat Intelligence Correlation: Real-time telemetry from BlueField is fused with Trend’s global threat intelligence, enabling fast identification and response to emerging threats targeting AI infrastructure.
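The correlation of process events and flow data described above, applied to the reverse-shell case, as an added example that is not Trend Micro's or NVIDIA's code. The JSON field names, host names, addresses, cluster range, and intel set are constructed for illustration and are not the DOCA Argus or Trend Vision One schema.

```python
import ipaddress
import json

# Constructed telemetry (JSON lines). Field names are hypothetical, not the
# DOCA Argus or Trend Vision One schema; addresses are documentation ranges.
SAMPLE = """\
{"type":"flow","host":"gpu-node-01","pid":4242,"dst":"203.0.113.50","dport":4444}
{"type":"process","host":"gpu-node-01","pid":4110,"exe":"/usr/bin/python3","stdio":["pipe","pipe","pipe"]}
{"type":"process","host":"gpu-node-01","pid":4242,"exe":"/bin/bash","stdio":["socket","socket","socket"]}
{"type":"process","host":"gpu-node-02","pid":977,"exe":"/bin/sh","stdio":["socket","socket","socket"]}
{"type":"flow","host":"gpu-node-02","pid":977,"dst":"10.20.0.7","dport":22}
{"type":"flow","host":"gpu-node-01","pid":4110,"dst":"198.51.100.9","dport":443}
"""

SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]  # assumed cluster address range
INTEL_BAD_IPS = {"203.0.113.50"}                 # constructed threat-intel set


def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL)


def detect_reverse_shells(jsonl):
    """Flag shells whose stdin/stdout/stderr are all sockets and that own a
    flow to an address outside the cluster range."""
    events = [json.loads(l) for l in jsonl.splitlines() if l.strip()]
    # Pass 1: shells with socket-backed stdio, keyed by (host, pid).
    suspects = {}
    for ev in events:
        if ev["type"] == "process":
            name = ev["exe"].rsplit("/", 1)[-1]
            if name in SHELLS and all(fd == "socket" for fd in ev["stdio"]):
                suspects[(ev["host"], ev["pid"])] = ev["exe"]
    # Pass 2: join flows to suspects, so event order does not matter.
    alerts = []
    for ev in events:
        key = (ev["host"], ev["pid"])
        if ev["type"] != "flow" or key not in suspects or is_internal(ev["dst"]):
            continue
        alerts.append({"host": ev["host"], "pid": ev["pid"], "exe": suspects[key],
                       "dst": ev["dst"], "dport": ev["dport"],
                       "severity": "high" if ev["dst"] in INTEL_BAD_IPS else "medium"})
    return alerts


if __name__ == "__main__":
    for alert in detect_reverse_shells(SAMPLE):
        print(alert)
```

Internal destinations are skipped here to keep the example small; a production rule would also score east-west connections rather than dropping them.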
Transforming Cybersecurity for AI Factories
Trend Vision One AI Factory EDR, powered by NVIDIA BlueField, ushers in the next era of AI security, engineered into the operating system of the AI factory itself. By combining real-time analytics with hardware-level enforcement, it delivers resilient, zero-trust defense without impacting performance.
Validated to run on NVIDIA RTX PRO Servers, Trend Vision One gives enterprises an efficient, direct path from AI strategy to secure deployment. The platform enables organizations to evolve from general-purpose computing to purpose-built AI factories with integrated, built-in protection, without costly data center redesigns.
Trend looks forward to advancing AI security with the upcoming NVIDIA BlueField-4 DPU, which will deliver breakthrough compute power, 800 Gb/s throughput, and enhanced isolation to secure the next generation of high-performance, multi-tenant AI factories. As AI becomes central to enterprise operations, AI Factory EDR provides the secure, high-performance foundation where AI innovation and cybersecurity advance together.
Key Takeaways:
- Line-rate cyber protection: AI security operates at wire speed with no CPU overhead.
- Infrastructure-native visibility: Every AI workload and data flow is continuously monitored.
- Zero-trust by design: Isolation and containment are enforced in hardware.
- Built for scale: Security grows seamlessly with AI deployments.
Learn More:
- Visit Trend’s booth at NVIDIA GTC Washington, D.C., running through October 29, to experience AI Factory EDR firsthand.
- Attend the theater presentation with Trend VP of Product Management, Fernando Cardoso: The Security Framework for AI: How to Secure Your AI Stack [DC51135], on October 29, 3:40-3:55 PM EDT.
- Read the press release to learn more about Trend’s end-to-end protection for agentic AI systems with NVIDIA.
The AI Factory EDR
Trend Vision One leverages the DOCA SDK to create a lightweight yet powerful security agent that runs directly on the BlueField-3 DPU. This integration provides several key capabilities:
Comprehensive Host Data Collection: The solution monitors file activity, network interfaces, and running processes across the AI infrastructure. Unlike traditional endpoint agents that might impact system performance, this DPU-based approach collects telemetry without affecting AI workload performance.
Advanced Network Flow Monitoring: By positioning monitoring capabilities at the DPU level, the solution gains unprecedented visibility into network communications between AI components, containers, and services. This network-level monitoring is essential for detecting sophisticated attacks that might bypass traditional endpoint security.
Threat Intelligence Correlation: The integration connects DPU-collected telemetry with Trend Micro's extensive threat intelligence database, enabling rapid identification of known threats and attack patterns specific to AI environments.
Security Use Cases and Detection Capabilities
The Trend Vision One integration addresses several critical security scenarios specific to AI infrastructures:
Credentials Dump Detection: AI environments often contain valuable credentials for cloud services, data repositories, and internal systems. The solution monitors for unauthorized access attempts and credential harvesting activities that could indicate a breach.
Reverse Shell Detection: Attackers often establish persistent access to AI infrastructure through reverse shells. The DPU-based monitoring can detect these communication patterns even when they're obfuscated or hidden within legitimate AI traffic.
Suspicious Object Detection: AI environments process vast amounts of data and models. The solution can identify suspicious files, malicious models, or unauthorized data that might indicate an attack or data exfiltration attempt.
Threat Intelligence Correlation: By combining real-time DPU telemetry with Trend's global threat intelligence, the solution can rapidly identify and respond to emerging threats targeting AI infrastructure.
Technical Implementation and Benefits
The DOCA SDK integration enables several technical advantages:
Lightweight Deployment: Unlike traditional endpoint agents that require installation on every system, the DPU-based approach provides comprehensive coverage through infrastructure-level deployment.
Real-time Processing: Dedicated DPU processing power enables real-time threat analysis and response without impacting AI workload performance.
Centralized Management: Through the Trend Vision One console, security teams can manage and monitor AI infrastructure security from a single platform, integrating with existing security operations workflows.
Scalable Architecture: As AI infrastructure scales, the DPU-based security scales with it, providing consistent protection regardless of the size or complexity of the AI deployment.
Future of AI Infrastructure Security
This integration between Trend Vision One and BlueField-3 DPUs represents the future direction of AI security – moving from bolt-on security solutions to integrated, infrastructure-native security that's designed specifically for the unique requirements of AI workloads.
The combination ensures that AI workloads remain secure, observable, and resilient against modern threats while maintaining the performance and scalability that AI applications demand. As AI continues to become more central to business operations, this type of infrastructure-integrated security will become essential for organizations looking to securely scale their AI initiatives.
By leveraging hardware acceleration, comprehensive visibility, and advanced threat intelligence, this solution addresses the fundamental challenge of securing AI infrastructure: maintaining robust security without compromising the performance that makes AI valuable to the business.
Conclusion
The integration of Trend Vision One and NVIDIA BlueField-3 DPU redefines what’s possible for securing AI infrastructure at scale, combining the intelligence of market-leading threat detection with the speed and precision of hardware-accelerated enforcement. This synergy delivers a best-of-both-worlds approach: Trend’s deep, continually updated threat intelligence operates directly within NVIDIA’s ultra-efficient data path, enabling real-time protection without taxing the very AI resources organizations depend on for innovation.
For enterprises, this isn’t just a technology pairing; it is a strategic enabler. By embedding advanced security controls into the infrastructure layer, organizations gain:
- Uncompromised AI Performance: Hardware offload ensures security processing never slows critical workloads, preserving model training and inference speeds.
- Complete Visibility Across Distributed AI Fabrics: From north-south ingress to east-west lateral traffic, every packet is inspected and correlated against global threat intelligence in real time.
- Stronger Security Posture by Design: Zero-trust, multi-tenant isolation, and immediate containment of anomalous activity all occur natively in the network fabric, not bolted on afterward.
- Faster, Safer Scaling of AI Initiatives: With infrastructure-native protection, AI deployments move from proof-of-concept to production without the delays and vulnerabilities of traditional security integration.
In an environment where AI is becoming an operational backbone and a prime target for sophisticated attacks, this integration closes a critical gap between security needs and AI performance requirements. Organizations that deploy this joint solution not only safeguard valuable data, intellectual property, and stakeholder trust—they also position themselves to innovate faster, scale confidently, and outpace competitors in the AI-driven economy.
Securing AI is no longer about adding defenses after the fact; it is about building AI on a secure, high-performance foundation from day one. Trend Vision One with NVIDIA BlueField-3 makes that foundation a reality.
Learn more about:
http://trendmicro.com/en_us/research/25/e/trend-secures-ai-infrastructure-with-nvidia.html