If you’re building with AI, or trying to defend against the less savoury side of the technology, Meta just dropped new Llama security tools.
The improved security tools for the Llama AI models arrive alongside fresh resources from Meta designed to help cybersecurity teams harness AI for defence. It’s all part of their push to make developing and using AI a bit safer for everyone involved.
Developers working with the Llama family of models now have some upgraded kit to play with. You can grab these latest Llama Protection tools directly from Meta’s own Llama Protections page, or find them where many developers live: Hugging Face and GitHub.
First up is Llama Guard 4. Think of it as an evolution of Meta’s customisable safety filter for AI. The big news here is that it’s now multimodal so it can understand and apply safety rules not just to text, but to images as well. That’s crucial as AI applications get more visual. This new version is also being baked into Meta’s brand-new Llama API, which is currently in a limited preview.
Then there’s LlamaFirewall. This is a new piece of the puzzle from Meta, designed to act like a security control centre for AI systems. It helps manage different safety models working together and hooks into Meta’s other protection tools. Its job? To spot and block the kind of risks that keep AI developers up at night – things like clever ‘prompt injection’ attacks designed to trick the AI, potentially dodgy code generation, or risky behaviour from AI plug-ins.
Meta has also given its Llama Prompt Guard a tune-up. The main Prompt Guard 2 (86M) model is now better at sniffing out those pesky jailbreak attempts and prompt injections. More interesting, perhaps, is the introduction of Prompt Guard 2 22M.
Prompt Guard 2 22M is a much smaller, nippier version. Meta reckons it can slash latency and compute costs by up to 75% compared to the bigger model, without sacrificing too much detection power. For anyone needing faster responses or working on tighter budgets, that’s a welcome addition.
But Meta isn’t just focusing on the AI builders; they’re also looking at the cyber defenders on the front lines of digital security. They’ve heard the calls for better AI-powered tools to help in the fight against cyberattacks, and they’re sharing some updates aimed at just that.
The CyberSec Eval 4 benchmark suite has been updated. This open-source toolkit helps organisations figure out how good AI systems actually are at security tasks. This latest version includes two new tools:
- CyberSOC Eval: Built with the help of cybersecurity experts CrowdStrike, this framework specifically measures how well AI performs in a real Security Operations Centre (SOC) environment. It’s designed to give a clearer picture of AI’s effectiveness in threat detection and response. The benchmark itself is coming soon.
- AutoPatchBench: This benchmark tests how good Llama and other AIs are at automatically finding and fixing security holes in code before the bad guys can exploit them.
To help get these kinds of tools into the hands of those who need them, Meta is kicking off the Llama Defenders Program. This seems to be about giving partner companies and developers special access to a mix of AI solutions – some open-source, some early-access, some perhaps proprietary – all geared towards different security challenges.
As part of this, Meta is sharing an AI security tool they use internally: the Automated Sensitive Doc Classification Tool. It automatically slaps security labels on documents inside an organisation. Why? To stop sensitive info from walking out the door, or to prevent it from being accidentally fed into an AI system (like in RAG setups) where it could be leaked.
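The ingestion-time gate the article hints at is easy to reason about with a small model: classify each document with an ordered sensitivity label, then refuse to index anything above the level the RAG store is cleared for. The example below is added here for illustration and is not Meta’s classification tool; the marker and content rules, the label names and the sample documents are all constructed assumptions standing in for a real classifier.

```python
import re
from dataclasses import dataclass
from enum import IntEnum


class Sensitivity(IntEnum):
    """Ordered labels so that 'at most INTERNAL' is a simple comparison."""
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2
    RESTRICTED = 3


# Hypothetical rules standing in for a real classifier. Header markers are checked
# on the first line only; content rules scan the whole document. The strictest
# matching label wins, so a document is never downgraded by a weaker rule.
_MARKER_RULES = [
    (Sensitivity.RESTRICTED, re.compile(r"\brestricted\b", re.I)),
    (Sensitivity.CONFIDENTIAL, re.compile(r"\bconfidential\b", re.I)),
    (Sensitivity.INTERNAL, re.compile(r"\binternal\b", re.I)),
]
_CONTENT_RULES = [
    # 16-digit card-number-like pattern in four groups (constructed heuristic)
    (Sensitivity.RESTRICTED, re.compile(r"\b(?:\d{4}[ -]){3}\d{4}\b")),
    (Sensitivity.CONFIDENTIAL, re.compile(r"\b(?:payroll|salary|ssn)\b", re.I)),
]


@dataclass(frozen=True)
class Document:
    name: str
    text: str


def classify(text: str) -> Sensitivity:
    """Assign the strictest label any rule matches; PUBLIC if none do."""
    level = Sensitivity.PUBLIC
    header = text.splitlines()[0] if text else ""
    for lvl, pattern in _MARKER_RULES:
        if pattern.search(header):
            level = max(level, lvl)
    for lvl, pattern in _CONTENT_RULES:
        if pattern.search(text):
            level = max(level, lvl)
    return level


def gate_for_rag(docs, max_level=Sensitivity.INTERNAL):
    """Split documents into those safe to index and those to hold back.

    Returns two lists of (name, label) so the caller can log why a document
    never reached the vector store instead of silently dropping it.
    """
    accepted, rejected = [], []
    for doc in docs:
        label = classify(doc.text)
        (accepted if label <= max_level else rejected).append((doc.name, label))
    return accepted, rejected


# Constructed sample corpus; not real documents.
SAMPLE_DOCS = [
    Document("faq.md", "Public product FAQ\nOur support hours are 9 to 5."),
    Document("rota.md", "Classification: Internal\nOn-call rota for the platform team."),
    Document("payroll.md", "Classification: Confidential\nQ3 payroll summary attached."),
    Document("note.txt", "Customer note\nCard on file: 4111 1111 1111 1111"),
]

if __name__ == "__main__":
    ok, held = gate_for_rag(SAMPLE_DOCS)
    print("indexed:", ok)
    print("held back:", held)
```

The point of keeping the labels ordered is that the gate policy is a single threshold rather than a growing list of special cases, and the rejected list gives the owner of the RAG pipeline an audit trail of what the classifier kept out and why.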
They’re also tackling the problem of fake audio generated by AI, which is increasingly used in scams. The Llama Generated Audio Detector and Llama Audio Watermark Detector are being shared with partners to help them spot AI-generated voices in potential phishing calls or fraud attempts. Companies like ZenDesk, Bell Canada, and AT&T are already lined up to integrate these.
Finally, Meta gave a sneak peek at something potentially huge for user privacy: Private Processing. This is new tech they’re working on for WhatsApp. The idea is to let AI do helpful things like summarise your unread messages or help you draft replies, but without Meta or WhatsApp being able to read the content of those messages.
Meta is being quite open about the security side, even publishing their threat model and inviting security researchers to poke holes in the architecture before it ever goes live. It’s a sign they know they need to get the privacy aspect right.
Overall, it’s a broad set of AI security announcements from Meta. They’re clearly trying to put serious muscle behind securing the AI they build, while also giving the wider tech community better tools to build safely and defend effectively.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
Source: https://www.artificialintelligence-news.com/news/meta-beefs-up-ai-security-new-llama-tools/
Hewlett Packard Enterprise has announced an expansion of its HPE Aruba Networking and HPE GreenLake cloud offerings to support enterprises in enhancing secure connectivity and hybrid cloud operations.
New capabilities now available in HPE Aruba Networking Central include cloud-based access control security designed to accelerate enterprise-grade zero trust security. This approach treats every user, device, and application as a potential threat until verified, employing robust policy capabilities to strengthen protection measures. Additionally, HPE Private Cloud Enterprise introduces threat-adaptive security features to support compliance with the Digital Operations Resilience Act (DORA), offering the capability to disconnect from the public internet when a network threat is detected.
Phil Mottram, Executive Vice President and General Manager, HPE Aruba Networking, commented on the evolving cyber threat landscape and the need for advanced security: “With the rise in adoption of data-fueled AI applications, organisations are facing more sophisticated threats to anywhere data is stored, captured or transmitted. HPE’s security solutions deliver advanced protection to help organisations mitigate risk, defend against attacks and build resiliency.”
The new features in HPE Aruba Networking Central Network Access Control (NAC) include precision cloud-based access controls, enabling IT teams to define and implement role-based policies for user and device identification. These enhancements are designed to help enterprises advance universal zero trust network access initiatives. Additional features, such as Intrusion Detection System (IDS), Intrusion Prevention System (IPS), AI-powered observability, and microsegmentation, are aimed at reducing the impact of potential security breaches.
Among the new security functionalities is the Enhanced Policy Manager for HPE Aruba Networking Central NAC, which establishes detailed network access policies, such as application-to-role, role-to-subnet, and role-to-role policies. This ensures consistent enforcement of security and compliance across edge-to-cloud networks.
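To make the three policy kinds concrete, here is a minimal default-deny evaluator for role-based access rules. It is an added illustration written for this page, not HPE’s policy language or API; the rule format, the role names, the subnets and the sample requests are constructed assumptions. Explicit deny rules are evaluated before allows so that a broad allow never overrides a targeted deny.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    """One access rule. `kind` selects which fields are consulted."""
    name: str
    kind: str            # "role_to_role" | "role_to_subnet" | "app_to_role"
    action: str          # "allow" | "deny"
    src_role: str
    dst_role: Optional[str] = None     # role_to_role
    dst_subnet: Optional[str] = None   # role_to_subnet, CIDR string
    app: Optional[str] = None          # app_to_role


@dataclass(frozen=True)
class Request:
    src_role: str
    dst_ip: str
    dst_role: Optional[str] = None
    app: Optional[str] = None


def rule_matches(rule: Rule, req: Request) -> bool:
    if rule.src_role != req.src_role:
        return False
    if rule.kind == "role_to_role":
        return req.dst_role is not None and rule.dst_role == req.dst_role
    if rule.kind == "role_to_subnet":
        net = ipaddress.ip_network(rule.dst_subnet, strict=False)
        return ipaddress.ip_address(req.dst_ip) in net
    if rule.kind == "app_to_role":
        return req.app is not None and rule.app == req.app
    raise ValueError(f"unknown rule kind: {rule.kind}")


def evaluate(rules, req: Request):
    """Return (allowed, rule_name). Denies win; no match means default deny."""
    for rule in rules:
        if rule.action == "deny" and rule_matches(rule, req):
            return False, rule.name
    for rule in rules:
        if rule.action == "allow" and rule_matches(rule, req):
            return True, rule.name
    return False, "default-deny"


# Constructed sample policy set.
POLICY = [
    Rule("contractors-no-finance", "role_to_subnet", "deny", "contractor", dst_subnet="10.20.0.0/16"),
    Rule("finance-to-finance-net", "role_to_subnet", "allow", "finance", dst_subnet="10.20.0.0/16"),
    Rule("payroll-app-finance", "app_to_role", "allow", "finance", app="payroll-app"),
    Rule("staff-to-printers", "role_to_role", "allow", "employee", dst_role="printer"),
]

if __name__ == "__main__":
    for req in (
        Request("finance", "10.20.3.4", app="payroll-app"),
        Request("contractor", "10.20.3.4", app="payroll-app"),
        Request("employee", "10.30.0.9", dst_role="printer"),
        Request("guest", "10.30.0.9", dst_role="printer"),
    ):
        print(req, "->", evaluate(POLICY, req))
```

Running the block shows the finance request allowed by the subnet rule, the contractor request blocked by the explicit deny even though it targets the same application, the employee-to-printer request allowed by the role-to-role rule, and the guest request falling through to the default deny with no rule ever naming it.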
Integration between HPE Aruba Networking Central and HPE OpsRamp has been strengthened to provide native monitoring of third-party devices from vendors like Cisco, Arista, and Juniper Networks. Enhanced application profiling, classification, and risk assessment tools now give enterprises the capacity to establish application-specific access policies based on risk criteria.
Updates to HPE Aruba Networking EdgeConnect SD-WAN bring new Secure Access Service Edge (SASE) integration and Adaptive Distributed Denial-of-Service (DDoS) defence capabilities. These use machine learning to dynamically adjust DDoS protections in real time. All Zero Trust Network Access (ZTNA) customers now receive a complimentary licence for HPE Aruba Networking Private Edge.
HPE Aruba Networking SSE offers new high-availability and high-performance mesh connectivity for routing traffic between global points of presence, aiming to improve reliability and resiliency. Mesh connectivity automatically determines the fastest secure path for data, providing alternative routes and automatic recovery to ensure continued security, without requiring manual intervention by IT teams.
On the private cloud front, HPE GreenLake receives further security enhancements intended to protect against emerging threats and to support compliance with new regulations. HPE Private Cloud Enterprise now features threat-adaptive security, capable of temporarily isolating critical systems by disconnecting from the public internet when a threat is detected. This function acts as a “digital circuit breaker” and is designed to minimise impacts before securely reconnecting systems once the threat is resolved. These features specifically address requirements for regulated industries, including the financial sector, under DORA.
HPE also announced the general availability of air-gapped cloud management through HPE Private Cloud Enterprise. This service enables customers in regulated industries or government to manage private cloud infrastructure entirely on-premises, without any external connectivity, and is deployed by security-cleared HPE staff. Future enhancements will allow cloud-native and Kubernetes workloads to be managed with the same air-gapped approach.
Additional offerings include HPE Cybersecurity Services for sovereign cloud, providing expertise to integrate sovereign security solutions into an organisation’s risk management framework. New cybersecurity services focused on AI aim to give customers governance and compliance support while transforming operations to predict and counter both traditional and AI-driven threats.
The integration between HPE’s OpsRamp and CrowdStrike provides unified observability and real-time threat detection, designed to enhance performance and resilience for enterprise systems.
HPE’s announcement comes as the company marks a year since signing the CISA Secure by Design pledge. HPE reports that it deploys more than 2,200 security controls within HPE GreenLake, and utilises Zero Trust frameworks to meet requirements set by CIS, CISA Secure by Design, STIG, and DORA.
Other advancements in HPE’s secure by design initiatives include Aruba Networking’s AI-based network detection and response (NDR), ransomware protection through the HPE Cyber Resilience Vault, and the introduction of the HPE ProLiant Compute Gen12 portfolio with HPE Integrated Lights Out 7. The new servers also provide a silicon root of trust and feature post-quantum cryptography capabilities meeting FIPS 140-3 Level 3 security certification.
Source: https://datacentrenews.uk/story/hpe-unveils-enhanced-ai-powered-security-for-cloud-network