
AccuKnox Releases One of the First Gen-AI LLM-Based Cloud Security Interfaces, Namely Ask Ada

by Gaurav Kumar | March 12, 2024

Bridge visibility gaps, eliminate alert fatigue, and fix vulnerability triage. The Gen-AI, LLM-powered Ask Ada helps you enable proactive hardening of cloud infrastructure.


Why Is Gen-AI the Need of the Hour?

The widespread adoption of cloud, containers, and microservices has created exponentially complex environments that security teams struggle to gain visibility into. Traditional tools are no longer enough for the unified protection that these dynamic ecosystems need. All they do is flood teams with a deluge of fragmented alerts.

As outlined in the attached Gartner predictions for AI & Cybersecurity, there is an urgent need for automation and augmentative technologies to help overwhelmed security teams keep pace. Specific pain points include:

  1. Dashboards are plagued with outdated, non-specific data lacking integrated insights. They fail to serve the varying needs of security personas, such as CISOs requiring risk summaries versus SecOps engineers needing technical configuration details.
  2. A flood of low-level security alerts with no way to prioritize the threats posing an actual business risk. Context around impact is sorely lacking.
  3. Over-reliance on tedious, manual investigation steps across separate tools rather than automated root cause analysis. This constantly diverts focus from more strategic initiatives.
  4. Inability to intuitively query infrastructure or get on-demand answers to questions about vulnerabilities, risks, misconfigurations, and more.

Sample scenarios:

  • Ask about the top vulnerabilities last quarter across assets with API access, factoring in query limits
  • Get an overview of the most critical risks and configuration issues across environments
  • Retrieve container runtime analysis for anomalies or indicators of compromise
  • Request step-by-step remediation instructions for a severity 10 vulnerability cluster

Issues with Traditional CNAPP Platforms with No Gen-AI Support

With rapid, tailored responses from Ask Ada on infrastructure, risks, and threats, security teams can meet the velocity demands of cloud-native businesses. Generative AI closes visibility gaps by augmenting teams rather than through full-automation promises that tend to disappoint.

Power up your DevSecOps & Security Engineers with LLM Assistance

Traditional CNAPP dashboards fail to serve the varying needs of different security personas. CISOs require high-level compliance summaries and risk baselines to report to the executive team and board. However, Security Engineers and DevSecOps need more granular visibility into each asset for threat hunting and hardening.

Legacy tools offer only a single standardized dashboard, failing to account for these personalized views. As a result, CISOs face frustration trying to stitch together broad overviews from technical infrastructure details not tailored to risk metrics. Meanwhile, Security Engineers waste time trying to drill down into specific assets and vulnerabilities without a clear way to pivot from the top-down perspective.

This fragmented approach leaves visibility gaps that increase exposure, hide critical risks, and decrease productivity. Personas operate in silos instead of leveraging shared insights.

AccuKnox Gen-AI: Ask Ada bases responses on the target user's query intent – DevSecOps vs CISOs

Ask Ada Resolves DevSecOps Challenges

With digital transformation accelerating, businesses are rapidly adopting cloud-native infrastructure, containers, microservices, and advanced deployment patterns like GitOps. While this enables faster delivery of applications, it also creates exponentially complex environments that most security tools struggle to keep pace with.

  • Data Mapping Overload – Most security tools don’t interconnect, forcing manual correlation and making compliance audits incredibly tedious. This also impacts risk monitoring with critical threats hiding in the gaps.
  • Lack of Critical Data Focus – Identifying where sensitive data resides across complex infrastructure and keeping tight access controls in place is extremely challenging.
  • Shallow Vulnerability Insights – Traditional scanners highlight vast amounts of vulnerabilities but lack validation against runtime exploitability or relation to hosting critical data, leading to alert fatigue.
  • No Preventative Guidance – Getting actionable steps tailored to user context and persona to proactively harden infrastructure or meet compliance standards is sorely lacking in existing solutions.

93% of organizations now operate multi-cloud or hybrid cloud environments, with the average organization managing 6 clouds. However, only 40% of security teams feel confident in their visibility across all clouds. These gaps make achieving resilient and compliant cloud infrastructure nearly impossible without leveraging the latest AI innovations.

Introducing Ask Ada

AccuKnox is proud to launch a Gen-AI powered CNAPP dubbed “Ask Ada”, built to boost the productivity of DevSecOps teams managing security risk across complex multi-cloud and on-prem environments.

Ask Ada leverages automated correlation, root cause analysis, multi-step reasoning, and proactive recommendations to simplify cloud security operations.

The best part is that it is built on multimodal data (text, video, images) using RAG and an efficient search logic approach, tracks user context, and is fine-tuned for security.

Ask Ada is built right into the Dashboard for ease of access.

Ask Ada helps overwhelmed DevSecOps, cloud security, and GRC teams overcome these roadblocks to easily build zero-trust cloud environments. It acts as an intuitive assistant allowing users to ask questions in plain language and receive detailed recommendations.

Key Capabilities of Ask Ada

  • Automated Data Correlation – Ingests, normalizes and synthesizes security insights across DevOps toolchains, clouds, containers, networks, and more to eliminate tedious data mapping.
  • Crown Jewels Tracking – Automatically discovers sensitive data and classifies risk levels based on access patterns to prioritize protection.
  • Contextual Vulnerability Insights – Analyzes Asset Graphs and runtime signals to validate vulnerability exploitability and relation to hosting critical data right within existing workflows.
  • Compliance Drift Detection – Continuously audits infrastructure against regulatory controls and alerts on deviations from best practices that teams can self-remediate.
  • Proactive Guidance – Allows querying at any stage for clear and tailored answers, recommendations to harden security posture, and step workflows to resolve issues based on risk severity, configuration context, and user persona.

Ask Ada acts as an intuitive assistant allowing users to ask questions in plain language and receive detailed recommendations in return to overcome cloud security challenges.

By leveraging Ask Ada’s generative capabilities on top of AccuKnox’s integrated CNAPP platform, teams can drastically simplify cloud security to enable innovation and business growth without sacrificing resilience or compliance.

“Generative AI is transforming the realm of what’s possible in cybersecurity. We’re excited to leverage this incredible technology with our foundational IP to further simplify the speed and confidence with which our customers can build, run, and secure their applications and critical data in any environment.”

| Goal | Objective |
|---|---|
| Automate the mundane | Secure LLMs from poisoning, data injection, and malicious attacks |
| Know current security posture quickly | Security should reflect current posture in a non-intrusive way via NLP |
| Proactive action on drift or anomalies | Security posture should provide actionable insights |
| Empower different personas towards security | Security should provide assistive remediation to every persona |
| Translating requests into security configuration | Generate automatic configuration from simple text |

Getting Started


Ask Ada will be included as an optional add-on for all current and future customers, and boasts industry-leading data privacy and security, combined with anti-hallucination guardrails.

It will be available for early access in November. AccuKnox customers can easily access Ask Ada from any screen to get contextual guidance and answers to arbitrary questions:

  • New users are guided in setup and configuration via a side-bar conversational interface.
  • Once onboarding is completed, Ask Ada offers just-in-time insights on dashboards and during workflows.
  • It highlights high-risk scenarios and critical compliance gaps, and recommends paths to resolution suited to the user’s persona and environment.

Ask Ada guides users via conversational interfaces and provides just-in-time security recommendations tailored to persona, context, and cloud environments. Ask Ada aims to enhance security posture, provide proactive advice, and streamline policy settings through natural language interfaces. Automation allows security specialists more authority without compromising decision-making.

Use Cases

Our Gen-AI powered CNAPP allows users to interact conversationally with the AccuKnox platform. Queries are organized into four categories reflecting key personas and workflows:

1. Discovering Misconfigurations

Simplified interface for configuring security policies, integrations, baselines and more.

Ask Ada empowers users with a unified natural language interface to manage platform capabilities. Chat with the Gen-AI bot and try out these prompts:

  • “Explain the process of integration into ServiceNow”
  • “What SIEM tools are supported?”
  • “What applications environments are supported?”

2. Fetching Actionable Insights from Logs and Alerts

Get prioritized recommendations from comprehensive log and event analysis.

Ask Ada analyzes telemetry to provide security architects with context-aware summaries of issues, configurations, and risks. You can instruct it to:

  • “List container image vulnerabilities exploitable and internet exposed”
  • “Summarize application security posture based on last week”
  • “Generate list of CIS benchmark exceptions”

3. Obtaining Assistive Remediation Guidance

Leverage detailed steps tailored to the environment and persona for resolving security gaps.

Ask Ada generates customizable remediation instructions leveraging the knowledge base to educate users. Examples:

  • “Provide steps to stop access to /vault directories”
  • “Recommendations to become CIS compliant?”
  • “How did CVE-2016-20013 get introduced?”

4. Auto-Generating Customized Security Actions

Automatically create policies, notifications, scans, and more based on natural language requests.

For developers, Ask Ada acts as an automation assistant for policy and action creation. You may ask it to:

  • “Create KubeArmor policy to allow port 443 only”
  • “Configure trigger to Slack for CVSS 8+ vulnerabilities”
  • “Schedule a scan every Tuesday 3 am PT”

The natural language interface categories allow different personas to boost productivity via security posture visibility, operational insights, guided remediation and task automation.

| Use Case | Benefits and Features |
|---|---|
| Prioritizing Vulnerabilities | Ranks vulnerabilities by Risk Score (CVE * Probability * Impact) |
| Zero Trust Policies Generation | What-if analysis for policy creation; stratification into “Must Apply,” “Nice to Apply,” and more |
| Continuous Compliance & Drift Detection | Receive actionable recommendations in conversational mode |
| Kubernetes Security Simplified | Relies on KubeArmor capabilities for enhanced Kubernetes security; integrates KIEM and GPT for comprehensive cluster protection |
| Multi-step Reasoning | Correlation across CI/CD, runtime, and compliance data |
| KubeArmor Assistant | Facilitates KubeArmor adoption through leveraging datasets |

  • With its user-friendly solutions, AccuKnox Ask Ada gives you the ability to prioritize vulnerabilities based on risk and streamline Kubernetes security.
  • Easily create Zero Trust policies and get insightful data for ongoing compliance.
  • The practical and efficient features of AccuKnox Ask Ada can help you improve your cybersecurity plan.

Interaction Examples with Ask Ada

Here’s an example of how AccuKnox Gen-AI Ask Ada will answer based on your question.

User Question: Does KubeArmor only support Kubernetes or can it also be used in on-prem deployments like legacy VMs or pure containerized workloads?

Answer: KubeArmor provides versatile support for different workloads:

  1. Kubernetes Orchestrated Workloads:
    • Deploy as a k8s daemonset for policy enforcement on both k8s-pods (KubeArmorPolicy) and k8s-nodes (KubeArmorHostPolicy).
  2. VM/Bare-Metal Workloads:
    • Deploy in systemd mode to support workloads on Virtual Machines or Bare Metal, where workloads function as host processes.
  3. Un-Orchestrated Containerized Workloads:
    • With the v0.6 stable release, KubeArmor now supports un-orchestrated containerized workloads.
    • Offers observability and policy enforcement by generating AppArmor profiles for individual containers based on specified policies.

KubeArmor is tailored for Kubernetes environments while also accommodating on-prem deployments like legacy VMs and pure containerized workloads.


Inquire about Compliance, Misconfigurations & Vulnerabilities, Existing APIs with Ask Ada

Get answers about workloads, hardening policies, and all your assets tied to AccuKnox CNAPP Security instantly, without having to run complex searches, filters, and queries on the Dashboard. Ask Ada is the ultimate interface to AccuKnox CNAPP: it discovers real-time data related to all your images, assets, and infrastructure to give to-the-point answers.


Question: What is the count of vulnerabilities in AwsEcrContainerImage?
Answer: The number of vulnerabilities in AwsEcrContainerImage is 322.

Question: How many findings are from AWS Inspector?
Answer: There are 1139 findings of vulnerabilities from AWS Inspector.

Question: What is the count of vulnerabilities related to NVD in the SecurityHub?
Answer: The data shows that there are 709 vulnerabilities related to NVD in the SecurityHub. 

Wrapping Up

Ask Ada represents the future of cloud security by applying the power of generative AI to empower DevSecOps teams. 

With its ability to enhance visibility, focus efforts, and enable proactive resilience across the entire cloud stack, Ask Ada allows enterprises to innovate efficiently without compromising control.
