Analyze Risk in Network Traffic
Focus
Focus
AI Runtime Security

Analyze Risk in Network Traffic

Table of Contents

Analyze Risk in Network Traffic

Analyze the unprotected cloud assets and the traffic flow between them.
This page helps you to assess the network traffic flow between AI applications, AI models, and the internet. It also enables you to evaluate and correlate identified network threats with discovered resources, providing a comprehensive view of potential vulnerabilities and risks.
Where Can I Use This?What Do I Need?
  • AI Runtime Security Discovery in Strata Cloud Manager
  1. Log in to Strata Cloud Manager.
  2. Select Insights → AI Runtime Security.
  3. Select the Operational view to analyze the bidirectional communication flows between users to app, app to AI model, app to internet, and app to app.
  4. Select the Security view to assess the threat landscape and deploy protection instances as needed.

Assess Risks and Prioritize Threat Prevention

Models View

Assess east-west network traffic flow between applications and AI models.
  1. In the Operational view, click the MODELS protections icon. The model discovery helps you to:
    • See which applications communicate with which AI models.
    • Identify AI models receiving traffic from protected and unprotected apps.
    • View protection status, model name, and traffic statistics (requests, responses, protected traffic) when hovering over an AI model.
    • Identify and prioritize the security threats.
    • Summarize alerted model threats, such as prompt injection, malicious URLs, and sensitive data leakage.
  2. Click on each application and model to assess how each maps and communicates with other assets in your network architecture.
  3. Select Add Protection ("+" icon) and place an AI Runtime Security instance between Models and Apps.
    Refer to Deploy AI Runtime Security: Network Intercept in Public Clouds and follow the workflow for your cloud provider.

Internet View

Assess outbound network traffic flow from user apps to internet destinations.
  1. Hover over and click the INTERNET protection icon to identify:
    • Internet-facing applications.
    • Protected and unprotected apps in your cloud environment.
    • Safe and unsafe internet destinations reached by the apps.
    • Security threats in the network flow between apps and the internet.
    • Threat details by clicking on each app.
  2. Hover over an internet destination URL to see the IP addresses of the top 5 URLs accessing that destination.
  3. Select Add Protection ("+" icon) and place an AI Runtime Security instance between the Internet and Apps.
    Refer to Deploy AI Runtime Security: Network Intercept in Public Clouds for your cloud provider's workflow.

Users View

Assess Inbound network traffic from external apps to internal user apps.
  1. Hover over and click the USERS protection icon to:
    • Highlight unprotected traffic flows.
    • Identify the protected and unprotected apps.
    • Determine threat actors, suspicious users, and benign users.
    • View application threat details by clicking on each application.
  2. Select Add Protection ("+" icon) and place an AI Runtime Security instance between Users and Apps.
    Refer to Deploy AI Runtime Security: Network Intercept in Public Clouds and follow the workflow for your cloud provider.

Application Threats Breakdown

Assess application threats to identify vulnerabilities and risks post AI Runtime Security instance deployment.
  1. Select the Security view on the Strata Cloud Manager dashboard.
  2. Click on the Apps icon. This view will:
    • Group application threats under Applications, Cloud Providers, and Application Assets.
    • Classify apps as protected or unprotected apps, including metadata such as Application Asset IP address, Cloud Networks, Region, Cloud Provider, and Tags used to categorize the apps.
    • Drill down to see the network traffic flows between Apps → Models, Users → Apps, and Apps → Internet.
  3. Select Application Breakdown to view applications grouped by your cloud workloads such as VMs and Pods (including containerized environments, Clusters, VMs, and Serverless architectures).
    This breakdown shows applications scoped in the "Application definition" during Cloud account onboarding in Strata Cloud Manager.
  4. Select the Cloud Providers tab to view the application threat breakdown by the cloud provider.
  5. Select the Application Assets view to analyze the threat breakdown based on traffic generated from interactions between endpoints and applications.