CrowdStrike and NVIDIA introduce real-time LLM defence, changing the way of AI protection at companies

CrowdStrike emphasises that security should not be an application, but an integral part of the IT architecture. According to CEO George Kurtz, AI defence is impossible without full visibility and working with deep data – which is what allows the company to stop threats at machine learning speeds, six times faster than traditional methods. This approach is at the heart of CrowdStrike‘s strategy: to use threat analytics and telemetry to drive the defence of modern IT systems.

In partnership with NVIDIA, CrowdStrike is enhancing NeMo Safety, an AI risk assessment framework that works through proprietary threat intelligence based on the analysis of trillions of events. This allows building robust defences against the latest attack tactics against AI models. According to Daniel Bernard, Chief Business Officer, the new integration takes generative AI security to the next level, providing robust defences from the development phase to cloud deployment.

CrowdStrike has integrated Falcon Cloud Security directly into NVIDIA LLM NIM microservices to provide protection where the threats arise – inside the AI chains. This approach can detect vulnerabilities, malicious data, configuration errors, and shadow AI before deployment, and at runtime identify sophisticated attacks like prompt injection or stealthy data leakage through analytics built on trillions of daily telemetry signals.

Unlike the market, which often adds AI as an add-on, CrowdStrike has created inbuilt security for the entire lifecycle of models: from development to execution. Falcon provides unified cloud, credentials and endpoint protection, which is critical when attacks span multiple vectors simultaneously. According to Daniel Bernard, Falcon helps stop attacks before they happen, giving companies complete control over AI security.

Shadow AI is one of the most dangerous yet least controlled threats in the enterprise environment. Without proper visibility, security teams don’t know where the models are running, who is creating them or how they are configured, which creates serious risks – especially given access to sensitive data. Falcon Cloud Security detects such hidden activity, enabling protection policies to be enforced where previously it wasn’t possible.

CrowdStrike integrates security directly into AI pipelines, providing real-time monitoring and response – exactly where attacks are occurring. In a world of rapid adoption of generative AI without clear regulations and policies, the situation is reminiscent of the BYOD era, when devices with uncontrolled access appeared en masse in enterprise IT. But the current pace of development and diversity of AI solutions creates an even more complex and dangerous environment to defend.

Traditional post-deployment AI security tools do not provide adequate protection at critical times. CrowdStrike changes this by integrating Falcon Cloud Security directly into NVIDIA’s LLM infrastructure, providing protection from development to execution.

With AI-SPM, the Falcon module can detect configuration errors, unauthorised models and policy violations before launch, and automates compliance with regulatory requirements such as the EU AI Act. This enables organisations to develop AI without losing control and accountability.

Generative AI significantly expands the attack surface, creating new risks that traditional perimeter security cannot address. Threats specific to generative models – such as prompt injection, data leaks, or model poisoning – require deeper visibility, more precise controls, and built-in defences. CrowdStrike‘s integration with NVIDIA’s LLM infrastructure offers an architectural approach that closes these security gaps before models are even run.

For CISOs, IS leaders and DevOps teams, embedded security controls throughout the lifecycle of AI models offer a number of benefits:

• Scalable zero trust: Automated deployment of security policies eliminates manual labour, consistently delivering zero-trust protection across every AI model.
• Proactive vulnerability remediation: Identifying and neutralising risks before execution even begins significantly reduces the opportunities for attackers.
• Continuous analytics at runtime: Real-time telemetry-based detection quickly identifies and blocks threats such as rapid deployment, model poisoning and unauthorised data leakage.

According to Daniel Bernard, CrowdStrike is focused on protecting exactly those models that companies train themselves – especially on proprietary or sensitive data. These are not standard risks and therefore require customised solutions, deep visibility into queries and responses at runtime of the model. Also, strong controls are needed in the processes of training, tuning and deploying such models. In an era where AI is becoming the backbone of enterprise infrastructure, integrated security is no longer an option but a must.