Introduction#

Note

This white paper describes NVIDIA AI Enterprise components deployed in Azure AI Foundry environments. For general NVIDIA AI Enterprise security practices and policies, please visit our main NVIDIA AI Enterprise Security White Paper.

Securing the AI Software Stack: A Critical Need#

The field of Artificial Intelligence (AI) is constantly evolving, and the software stack that supports it is becoming increasingly complex. Open-source software (OSS) plays a critical role in driving AI adoption forward at an unprecedented pace. The State of the Octoverse 2023 report revealed that there are now over 65,000 public generative AI-related projects on GitHub, a 248% year-over-year increase. This surge highlights the importance of the OSS community in ushering in the AI era. However, the vast number of OSS contributions also introduces significant challenges in maintaining a robust, enterprise-grade AI software stack.

The dynamic nature of the AI field presents additional challenges as security vulnerabilities become more numerous, requiring continuous vigilance. A recent report by Synopsys on open-source security and risk analysis revealed a 236% increase in high-risk attack patterns in OSS vulnerabilities across big data, AI, Business Intelligence, and machine learning over the past five years.

NVIDIA AI Enterprise for Production AI#

To help address these challenges, NVIDIA introduced NVIDIA AI Enterprise, an end-to-end, cloud-native software platform that accelerates data science pipelines and streamlines the development and deployment of production-grade AI. Built on open source and curated, optimized, and supported by NVIDIA, the NVIDIA AI Enterprise software platform enables developers to focus on building and deploying new AI services.

NVIDIA AI Enterprise includes three supported branches: feature branches, production branches, and long-term support branches. For NIM microservices integrated within the Azure AI Foundry Model Catalog, we use the production branch to ensure API stability and regular security updates. The production branch is the appropriate choice for deploying AI in production when stability is required.

For more information on different branches within NVIDIA AI Enterprise, please visit: NVIDIA AI Enterprise Security White Paper.

Ensuring Enterprise Container Security#

NVIDIA recognizes that securing container images involves more than securing the software components they contain. It covers the entire container development process, which requires following leading security practices at every stage.

The following sections outline NVIDIA’s methods to strengthen container security in the NVIDIA AI Enterprise software stack, emphasizing our dedication to protecting enterprise AI applications.