As artificial intelligence continues to proliferate across cloud, core, and edge environments, cybersecurity becomes increasingly important for modern enterprises. AI factories have emerged as a new class of computing infrastructure, purpose-built to support AI workloads at every scale. They present unique security requirements that traditional endpoint protection solutions struggle to address effectively—challenges that will only intensify with the rise of agentic AI. Protecting the AI factory is essential, as it houses some of an enterprise’s most valuable assets—data, models, intellectual property, and the operational systems that power AI innovation. Together with the massive computational demands, distributed architectures, and real-time processing requirements of AI workloads, these forces are driving the need for new, innovative security approaches in AI factories.
The path forward is clear: securing AI requires moving beyond bolt-on solutions to built-in, full-stack protection. This post reveals how Trend Vision One™, running on NVIDIA BlueField DPUs, is setting a new standard, combining hardware acceleration, real-time workload visibility, and advanced threat intelligence to protect AI factories at scale—without sacrificing performance.
The AI Factory Security Challenge
Modern AI factories face several key security needs and challenges that traditional tools were not designed to handle:
- Scale and Performance: AI workloads require enormous computational resources, and traditional security solutions can significantly impact performance. Many AI applications cannot tolerate the latency introduced when traditional security inspection is applied. When security processing competes with AI computation for CPU resources, it degrades the very capabilities organizations are trying to protect. Addressing these challenges requires security mechanisms that operate at line speed without consuming valuable compute cycles.
- Distributed Architecture: AI workloads scale across dozens, or even hundreds, of physical nodes. AI factories are often multi-tenant and span multiple data center environments. This distributed nature introduces complex attack surfaces with numerous potential entry points, requiring consistent policy enforcement, real-time visibility, and coordinated defense across the environment.
- Comprehensive Visibility: Securing AI infrastructure requires comprehensive, real-time visibility across every layer of the stack—from the state of AI workloads at runtime, to the underlying infrastructure where modern attacks often originate. However, traditional endpoint security tools were designed to monitor individual devices, not the complex, distributed environments of AI factories—leaving critical blind spots that attackers can exploit.
Introducing Trend Vision One AI Factory EDR
Trend Micro has teamed up with NVIDIA to introduce a new era of security for AI factories—one where protection is not an afterthought, but an integral part of the infrastructure itself. With AI Factory EDR, Trend combines the threat intelligence and analytics of Trend Vision One™ with the robust, autonomous security processing of NVIDIA BlueField DPUs, delivering real-time protection at the speed and precision of AI. Security operations are now embedded within the infrastructure of the AI factory, without competing for CPU cycles or degrading performance, continuously securing the infrastructure and workloads at runtime.
Trend Vision One, with a focus on AI Factory EDR, gives enterprises unified visibility and control across every node and workload within their AI infrastructure. It continuously monitors workload behavior, tracking processes, system activity, and file operations, and correlates this telemetry with continuously updated global threat intelligence to detect and contain threats before they can spread.
With AI Factory EDR, security teams gain comprehensive insight into the operation of AI workloads across the entire AI factory, enabling them to detect and respond to both known and emerging threats in real time—minimizing risk and reducing potential impact.
NVIDIA BlueField DPUs are built into NVIDIA-accelerated systems and AI factories, powering the networking, data, and security infrastructure that enterprises deploy to run AI at scale. AI Factory EDR builds on this pervasive foundation, seamlessly integrating Trend Vision One’s advanced detection and response capabilities into BlueField-powered environments. This makes it easy for enterprises to add advanced security where AI workloads already run—delivering protection with the same performance, scalability, and efficiency that drive their AI operations.
Inside the AI Factory EDR
At the heart of this capability is a simple but powerful idea: security should run within the AI infrastructure, not on top of it. Built on NVIDIA BlueField DPUs, Trend Vision One AI Factory EDR leverages the NVIDIA DOCA software platform to deliver protection at the infrastructure and workload layers. This unique integration enables Trend Vision One to deploy a lightweight, autonomous agent directly on BlueField, combining hardware isolation, runtime visibility, and advanced threat detection to protect AI workloads at runtime.
NVIDIA BlueField data processing units are purpose-built processors that offload, accelerate, and isolate infrastructure and security operations—enabling high-performance networking, data movement, and cybersecurity processing that power AI at scale. By offloading these functions from the host CPU into dedicated processing engines, BlueField enforces security policies autonomously—ensuring protection even if the host is compromised. Operating in a separate trust domain, it continuously monitors host behavior, application processes, traffic patterns and other indicators without impacting performance. This distributed, zero-trust security model enables line-speed visibility and enforcement, ensuring that every data packet and process interaction within the AI factory is both observable and secure.
A key element that makes AI Factory EDR possible is the integration of the DOCA Argus microservice, which provides real-time situational awareness and runtime threat detection by inspecting host memory using advanced memory forensics. Operating at the hardware level, Argus performs live machine introspection—analyzing specific segments of volatile host memory to detect threats in real time without impacting system performance. To preserve privacy, it extracts information only from kernel structures, never from user data.
Unlike conventional security tools, DOCA Argus runs independently of the host, requiring no agents, software integration, or reliance on host-based resources. This agentless, zero-overhead design enhances system efficiency and resilience across bare-metal, virtualized, containerized, and multi-tenant environments. By operating in an isolated trust domain, Argus remains invisible to attackers—even if the host system is compromised.
Argus continuously collects telemetry on flow data, process events, and security metrics through Fluent Bit, streaming this information to the Trend Vision One™ Endpoint Security agent running on BlueField. The data is then correlated with Trend’s global threat intelligence, enabling rapid detection of threats such as credential abuse, reverse shells, and other malicious activities specific to AI workloads. This continuous feedback loop provides security teams with real-time, multi-layered visibility into workload behavior across network, host, and application layers, transforming raw telemetry into actionable insight and forensic evidence for investigation and response.
Detecting and Responding to Advanced Threats
Through this integration, AI Factory EDR addresses several critical security scenarios unique to AI infrastructures:
- Credential Dump Detection: AI environments often hold credentials for cloud services, data repositories, and internal systems. The solution monitors for unauthorized access attempts and credential harvesting activities that signal potential compromise.
- Reverse Shell Detection: Attackers frequently use reverse shells to gain persistent access to AI infrastructure. The DPU-based monitoring detects these covert communication patterns, even when hidden within legitimate AI traffic.
- Suspicious Object Detection: AI systems process massive volumes of data and host models. AI Factory EDR can identify suspicious files, malicious model payloads, or unauthorized data transfers that may indicate an attack or data exfiltration attempt.
- Threat Intelligence Correlation: Real-time telemetry from BlueField is fused with Trend’s global threat intelligence, enabling fast identification and response to emerging threats targeting AI infrastructure.
Transforming Cybersecurity for AI Factories
Trend Vision One AI Factory EDR, powered by NVIDIA BlueField, ushers in the next era of AI security, engineered into the operating system of the AI factory itself. By combining real-time analytics with hardware-level enforcement, it delivers resilient, zero-trust defense without impacting performance.
Validated to run on NVIDIA RTX PRO Servers, Trend Vision One gives enterprises an efficient, direct path from AI strategy to secure deployment. The platform enables organizations to evolve from general-purpose computing to purpose-built AI factories with integrated, built-in protection, without costly data center redesigns.
Trend looks forward to advancing AI security with the upcoming NVIDIA BlueField-4 DPU, which will deliver breakthrough compute power, 800 Gb/s throughput, and enhanced isolation to secure the next generation of high-performance, multi-tenant AI factories. As AI becomes central to enterprise operations, AI Factory EDR provides the secure, high-performance foundation where AI innovation and cybersecurity advance together.
Key Takeaways:
- Line-rate cyber protection: AI security operates at wire speed with no CPU overhead.
- Infrastructure-native visibility: Every AI workload and data flow is continuously monitored.
- Zero-trust by design: Isolation and containment are enforced in hardware.
- Built for scale: Security grows seamlessly with AI deployments.
Learn More:
- Visit Trend’s booth at NVIDIA GTC Washington, D.C., running through October 29, to experience AI Factory EDR firsthand.
- Attend the theater presentation with Trend VP of Product Management, Fernando Cardoso: The Security Framework for AI: How to Secure Your AI Stack [DC51135], on October 29, 3:40-3:55 PM EDT.
- Read the press release to learn more about Trend’s end-to-end protection for agentic AI systems with NVIDIA.
- http://trendmicro.com/en_us/research/25/e/trend-secures-ai-infrastructure-with-nvidia.html
- https://newsroom.trendmicro.com/2025-05-19-Trend-Micro-Offers-Enterprise-AI-Security-Platform-Across-Data-in-Cloud-or-on-Premises
- https://resources.nvidia.com/en-us-accelerated-networking-resource-library/deploy-operate-nvidia-ai-clouds?lx=LbHvpR