Addressing software security issues is becoming more challenging as the number of vulnerabilities reported in the CVE database continues to grow at an accelerated pace. Assessing a single container for vulnerabilities requires the collection, comprehension, and synthesis of hundreds of pieces of information. With over 200K vulnerabilities reported at the end of 2023, the traditional approach to scanning and patching has become unmanageable.
Enterprises are increasingly adopting generative AI to drive innovation across domains. Vulnerability detection and resolution will become a top generative AI use case in software delivery, according to IDC.
Generative AI can improve vulnerability defense while reducing the burden on security teams. Organizations have already begun to explore its use for automation, but scaling it at an enterprise level requires a complex AI system.
Video 1 shows how NVIDIA uses generative AI and retrieval-augmented generation (RAG) to accelerate vulnerability analysis in software containers at enterprise scale and dramatically reduce the time to assess and mitigate CVEs from hours or days to mere seconds.
This AI agent example is enabling NVIDIA cybersecurity and systems integrator partners to build solutions that can connect large language models (LLMs) to data to drive greater efficiencies for software development.
Key takeaways
- Using NVIDIA NIM and the NVIDIA Morpheus cybersecurity AI SDK, this event-driven RAG example can dramatically decrease CVE analysis and remediation time from days to just seconds.
- LLM agents can expedite investigations and cut through the noise of an increasing number of known CVEs to highlight urgent security risks.
- In this example, we implement multiple LLM agents to automate vulnerability management, verification, and VEX justification, all triggered by the results of upstream vulnerability scans.
- Built on NVIDIA Morpheus, this NIM Agent Blueprint uses asynchronous and parallel GPU processing for scalable, fast analysis of multiple CVEs simultaneously. This architecture enables real-time insights into container and vulnerability information, streamlining the validation process and addressing potential security threats.
Summary
Try the blueprint for free at build.nvidia.com. Learn more and get notified of the upcoming release of a downloadable vulnerability analysis NIM Agent blueprint.
For more information about how to implement generative AI for CVE analysis at an enterprise scale, see Applying Generative AI for CVE Analysis at an Enterprise Scale.
For more information, see the following resources:
- NVIDIA Morpheus SDK
- Morpheus on NGC
- /nv-morpheus GitHub repo