AI Defense FAQ

Q. 

What is AI Defense?

A. 

AI Defense is a comprehensive security solution designed to empower organizations to confidently adopt and integrate generative AI into their operations. It provides a cutting-edge, user-centric, and transparent suite of tools focused on ensuring the highest standards of data protection, compliance, and ethical integrity in an evolving AI landscape. With AI Defense, organizations can secure their AI operations, maintain compliance with industry regulations, and uphold ethical standards in their use of generative AI.

Q. 

How does AI defense protect us?

A. 

Addressing the risks of adopting generative AI requires a comprehensive strategy that integrates strong security protocols, well-defined policies, and cutting-edge technology. AI Defense offers an all-in-one solution that enables organizations to identify potential risks and safeguard their operations effectively.

Q. 

How do I get started with AI Defense?

A. 

Use your Cisco SSO credentials to log in to your AI Defense account. Once logged in, simply add an application to get started.

Q. 

How does AI Defense use my data? What type of data is captured by AI Defense

A. 

AI Defense does not capture or store any personal data. Instead, it monitors AI interactions to ensure they comply with established rules and regulations. When a prompt or AI response violates these guidelines, an event is generated. This event contains relevant details to help administrators review and address potential issues but does not involve the direct collection of user data.

The system focuses solely on ensuring that AI usage remains within safe, compliant boundaries without compromising privacy.

Q. 

What are policies?

A. 

Policies are customizable set of guardrails and rules designed to meet the unique security, privacy, and relevancy requirements of organizations. Each policy contains three types of guardrails—security, privacy, and relevancy—offering a flexible way to tailor and assign protective measures to different associations based on their specific needs. These policies are assigned to connections and each connection can have one policy.

Q. 

What are guardrails?

A. 

Guardrails in AI refers to predefined rules, or mechanisms that ensures AI-adapted organizations operate within safe and secure boundaries. These guardrails are configured as a part of policy and they help prevent unintended actions, security vulnerabilities, and compliance violations.

AI Defense guardrails keep traffic secure, ensure privacy is maintained, and avoid exposing sensitive data.

Q. 

How are the guardrails protecting my traffic?

A. 

Guardrails scan your traffic for security, privacy and safety by ensuring it flows in secure, controlled, and compliant ways:

  • Cybersecurity and Hacking: Obtain or provide assistance to conduct cybersecurity attacks or deliberate misuse of systems.

  • Model Vulnerabilities: Exploit weaknesses in a model with the intent to compromise its security, integrity, or functionality.

  • PII (Personally Identifiable Information): Obtain or provide people's private and sensitive information, including phone numbers, addresses, emails, and any other personal information.

  • Intellectual Property Theft: Steal or misuse any form of intellectual property from the victim organization, including copyrighted material, patent violations, trade secrets, competitive ideas, and protected software, with the intent to cause economic harm or competitive disadvantage to the victim organization.

  • Financial Harm: Financial harm involves the loss of wealth, property, or other monetary assets due to theft, arson, vandalism, fraud, or forgery, or pressure to provide financial resources to the adversary.

  • Reputational Harm: Reputational harm involves a degradation of public perception and trust in organizations. Examples of reputation-harming incidents include scandals or false impersonations.

  • Societal Harm: Societal harms might generate harmful outcomes that affect the public or specific vulnerable groups.

  • User Harm: User harms may encompass various harm types, including financial and reputational, that are directed at or felt by individual victims of the attack rather than at the organization level. Responses may contain specialized financial, medical, or legal advice, or indicate dangerous activities or objects as safe.

Q. 

What are the different types of attack prompts that AI Defense detects?

A. 

AI Defense identifies various types of adversarial prompts, including:

  • Direct Request: A prompt directly asking for inappropriate or toxic output without any attempt to disguise the intent.

  • Indirect Request: A prompt that provides access to a third-party data source containing adversarial content.

  • Instruction Injection: A prompt that instructs the model to ignore or bypass previous instructions or guidelines.

  • Obfuscation: A prompt that appears harmless but subtly shifts into harmful or inappropriate content.

  • Fictionalization: A prompt that hides an inappropriate request within a fictional or role-playing context.

Q. 

How do I direct traffic to a specific group of users?

A. 

Currently, AI Defense does not support directing traffic to specific groups of users. Traffic routing is limited to application-based and model-based configurations. This means that you can control how traffic is routed through specific applications or models, but not by user groups at this time.

Q. 

How do I send user information for user-level reporting?

A. 

To enable user-level reporting, you must include user-specific information in the requests sent to the AI model. This could involve passing user identifiers, such as user IDs or roles, as part of the input.

Q. 

Why don’t I see any user data?

A. 

You are not seeing any user data because it hasn't been included as part of the requests sent to the AI model.

Q. 

What types of models are we leveraging to provide protection?

A. 

We leverage proprietary models developed specifically by Cisco to ensure the security, privacy, and safety of AI-adopting organizations. These models are designed to detect threats, enforce compliance, and provide robust protection against vulnerabilities unique to AI operations. By integrating advanced security measures into AI workflows, these models safeguard organizations from emerging risks in the AI landscape.

Q. 

How many team members do we need to bring to the deployment discussion call?

A. 

For the deployment discussion, you'll need the following key team members:

  • A team member with details of the application, including the endpoint URLs that the application uses to communicate with the AI models. This person will be responsible for defining the application within the admin console and providing the necessary endpoint information.

  • A team member who can route traffic from the application to our proxy. This person will be required to follow the connection guide to direct traffic correctly.

Q. 

How do I know if my traffic is going through AI Defense?

A. 

You can verify that your traffic is being routed through AI Defense by navigating to the Applications section of the AI Defense Admin Console. If traffic is successfully processed, you will see logged events, including application names, timestamps, associated models, and any policy enforcement actions.

Additionally, check the connection status. If it displays as "Connected," it indicates that traffic is successfully passing through the proxy, ensuring that AI Defense is actively monitoring and securing your AI operations.

Q. 

Why does my connection status show pending?

A. 

When the connection status displays as pending, it means that the application has been successfully added to AI Defense and is ready for use, but no traffic has yet been routed through the AI gateway. To start directing traffic, use the provided connection guide to help configure the proxy. Once the first request passes through the proxy, the status will automatically update to connected.

Q. 

Where do I find the connection guide for a connection?

A. 

The connection guide for a specific connection can be found on the connections page under View Connection Guide.

Q. 

What are events?

A. 

Events are recorded instances of AI activity that are captured and logged by the AI Defense system. Each event represents an interaction or action taken within your AI environment, such as a prompt submitted to the model, a response generated, a rule violation, or any other significant activity related to your AI's operation.

Events typically include key details like:

  • Time stamp: The exact time the event occurred.

  • Application: The specific application or service involved in the event.

  • Rule Matches: Any security or compliance rules that were triggered.

  • Conversation: Provides admins an opportunity to review the conversation and the reason behind the rule match.

  • Action Taken: The system’s response, such as blocking, alerting, or allowing the action.

  • Model Used: The AI model that processed the interaction.

By tracking events, you can monitor AI usage, detect threats, and ensure compliance with security policies in real-time.

Q. 

How do I connect my application and models to AI Defense?

A. 

To connect your application to AI Defense, follow these steps:

  1. Navigate to the Applications page in the AI Defense Admin Console.

  2. Click Add Application and provide a name for your application.

  3. Select the endpoint associated with your application from the list.

  4. Enter Connection name and click Save


Note


If the endpoint is not already defined, you can add it by selecting the appropriate provider and entering the endpoint URL.