Announcing 3D Runtime Defense For Live Cloud and AI Workloads

Securing Live Cloud and AI Workloads For True Cyber-Resilience in the Age of AI

Today we are excited to announce our 3D Runtime Defense Suite, with a powerful combination of new capabilities that take cloud and AI workload defense far beyond discovery, redefining what modern cyber-resilience means in the Age of AI.

There are two truths you can’t ignore in today’s rapidly evolving threat landscape:

Truth #1: AI Application Defense Must Happen at Runtime

AI has highlighted and exacerbated many of the critical challenges that cloud security was already facing before the scale and speed of modern attacks. The exponential growth of the attack surface inside the application, beyond the WAF, and far beyond the reach of networking IP-based rule-sets or infra-layer configs, has forced a transition away from old static technology that can’t possibly keep up with an army of shapeshifting modern threats. It has forced security into the runtime - the elusive attack surface that everyone knows they need to secure, but that security technology has not been able to keep up with.

Truth #2: Runtime Defense Must Actively Defend Applications

Even today, most leading runtime solutions are limited to noisy eBPF alerting hoses that lack the multi-dimensional context required to actually make sense of attack paths that in reality connect from external 3rd parties, through APIs, through services, all the way to data stores. But, more importantly for the actual security of the entire cloud ecosystem is that these runtime solutions lack the ability to actually BLOCK attacks at runtime. Prompt injection, zero day vulns, data exfiltration, data leakage, data poisoning, lateral attacks, DDOS attacks… you name the critical attack vector, and it *needs* to be blocked at runtime. Static scanning can’t catch poisonous prompts that it doesn’t even know about yet - how could it? But when we find out that some line of open source code that is already live in production is compromised, it is already too late.

But if your goal is to fully secure cloud and AI workloads at runtime, what use is a long list of critical attack vectors if teams need to file tickets for manual code changes in order to do anything about them? This constant and growing backlog leaves cloud and AI workloads vulnerable, makes software stacks a ticking time bomb, and slows down development speed as developers and platform engineers struggle to meet basic security standards while also instrumenting security tooling to keep up with their constantly changing API and RBAC access rules.

This is where the perception that security slows development comes from, and in many cases historically, it isn’t wrong, but we’re here to tell you this very important truth: It doesn’t have to be this way!

Making Real Runtime Defense A Reality

Operant’s 3D Runtime Defense Suite expands on our unique runtime defense capabilities that already blocked >80% of the OWASP Top Ten Attacks across APIs, Kubernetes, and LLMs. Our new runtime capabilities enable security teams and developers to make new cloud applications Secure-By-Default without any application code changes or Jira ticket backlogs.

As operators ourselves, we completely understand that ease of use and lightness of implementation matter deeply when it comes to making security actually work at scale. That’s why our 3D Defense Suite is available through the same agentless, zero-integration, single-step deployment that customers already know and love.

Operant’s new 3D Defense Suite capabilities include:

Enhanced Discovery

• Instant live blueprints of AI workloads, models and AI APIs
• Continuous identification of ghost APIs and shadow AI data flows
• Comprehensive tracking of data-in-use patterns from third-party APIs to data stores
• Complete transparency of AI supply chains, including all prominent AI platforms like OpenAI, Gemini, Cohere, Anthropic, etc.

Runtime Threat Detection

• Runtime detection of OWASP top ten LLM threats including prompt injection, sensitive data exfiltration, model theft, and data poisoning
• Real-time detection of sensitive data leakage across ingress and egress for PII, secrets, API keys, and more

Active Defense

• Automated in-line blocking and redaction of sensitive data flows
• Intelligent quarantine for suspicious third-party containers and AI models
• Enforce advance rate limiting and token usage for sensitive APIs, including AI endpoints

In-Line Auto-Redaction Fuels Faster, Safer Innovation and Meets Data Privacy Standards

Operant’s new detection capabilities include the ability to instantly identify sensitive data being passed to 3rd parties, including Social Security Numbers, API keys, Phone Numbers and other PII data, but detection isn’t the end of the road. Operant’s powerful defense capabilities take it an important step further - giving teams the choice to block this sensitive data transfer in real-time by default before it leaves the application perimeter, or to auto-redact the sensitive data in real-time so that the rest of the data flow can function as expected while maintaining data privacy standards and following data governance requirements. This allows AI models to seamlessly interact with AI APIs and other third parties in a responsible, secure, and private way without any extra work on the part of developers, SREs or security engineers.

Operant’s in-line auto-redaction fuels AI and cloud application development at a completely new speed and scale, and doesn’t require sensitive data to be sent out to an additional 3rd party to work (including us). Operant’s in-line auto-redaction happens inside your environment before any data is sent out, significantly reducing the security risks and costs of shipping data around in order to secure it.

Operant’s 3D Runtime Defense Suite is now available in the product. To experience the power for yourself, sign up for a new account and take us for a spin with a limited-time 30-day free trial.