AI Security: NVIDIA BlueField Now with Vision One™

Launching at NVIDIA GTC 2025 - Transforming AI Security with Trend Vision One™ on NVIDIA BlueField

Artificial Intelligence (AI)

AI Security: NVIDIA BlueField Now with Vision One™

Launching at NVIDIA GTC 2025 - Transforming AI Security with Trend Vision One™ on NVIDIA BlueField

By: Fernando Cardoso, Eduardo Castro, Nancy Chuang

Oct 28, 2025

Read time: ( words)

Save to Folio

As artificial intelligence continues to proliferate across cloud, core, and edge environments, cybersecurity becomes increasingly important for modern enterprises. AI factories have emerged as a new class of computing infrastructure, purpose-built to support AI workloads at every scale. They present unique security requirements that traditional endpoint protection solutions struggle to address effectively—challenges that will only intensify with the rise of agentic AI. Protecting the AI factory is essential, as it houses some of an enterprise’s most valuable assets—data, models, intellectual property, and the operational systems that power AI innovation. Together with the massive computational demands, distributed architectures, and real-time processing requirements of AI workloads, these forces are driving the need for new, innovative security approaches in AI factories.

The path forward is clear: securing AI requires moving beyond bolt-on solutions to built-in, full-stack protection. This post reveals how Trend Vision One™, running on NVIDIA BlueField DPUs, is setting a new standard, combining hardware acceleration, real-time workload visibility, and advanced threat intelligence to protect AI factories at scale—without sacrificing performance.

The AI Factory Security Challenge

Modern AI Factories face several key security needs and challenges that traditional tools were not designed to handle:

• Scale and Performance: AI workloads require enormous computational resources, and traditional security solutions can significantly impact performance. Many AI applications cannot tolerate the latency introduced when traditional security inspection is applied. When security processing competes with AI computation for CPU resources, it degrades the very capabilities organizations are trying to protect. Addressing these challenges requires security mechanisms that operate at line speed without consuming valuable compute cycles.

• Distributed Architecture: AI workloads scale across dozens—or even hundreds—of physical nodes. AI factories are often multi-tenant and span multiple data center environments. This distributed nature introduces complex attack surfaces with numerous potential entry points requiring consistent policy enforcement, real-time visibility, and coordinated defense across the environment

• Comprehensive Visibility: Securing AI infrastructure requires comprehensive, real-time visibility across every layer of the stack—from the state of AI workloads at runtime, to the underlying infrastructure where modern attacks often originate. However, traditional endpoint security tools were designed to monitor individual devices, not the complex, distributed environments of AI factories—leaving critical blind spots that attackers can exploit.

Introducing Trend Vision One AI Factory EDR

Trend Micro has teamed up with NVIDIA to introduce a new era of security for AI factories—one where protection is not an afterthought, but an integral part of the infrastructure itself. With AI Factory EDR, Trend combines the threat intelligence and analytics of Trend Vision One™ with the robust, autonomous security processing of NVIDIA BlueField DPUs, delivering real-time protection at the speed and precision of AI. Security operations are now embedded within the infrastructure of the AI factory, without competing for CPU cycles or degrading performance, continuously securing the infrastructure and workloads at runtime.

Trend Vision One with a focus on AI Factory EDR gives enterprises unified visibility and control across every node and workload within their AI infrastructure. It continuously monitors workload behavior—tracking processes, system activity, and file operations—and correlates this telemetry with continuously updated global threat intelligence to detect and contain threats before they can spread.

With AI Factory EDR, security teams gain comprehensive insight into the operation of AI workloads across the entire AI factory, enabling them to detect and respond to both known and emerging threats in real time—minimizing risk and reducing potential impact.

NVIDIA BlueField DPUs are built into NVIDIA-accelerated systems and AI factories, powering the networking, data, and security infrastructure that enterprises deploy to run AI at scale. AI Factory EDR builds on this pervasive foundation, seamlessly integrating Trend Vision One’s advanced detection and response capabilities into BlueField-powered environments. This makes it easy for enterprises to add advanced security where AI workloads already run—delivering protection with the same performance, scalability, and efficiency that drive their AI operations.

Inside the AI Factory EDR

At the heart of capability is a simple but powerful idea—security should run within the AI infrastructure, not on top of it. Built on NVIDIA BlueField DPUs, Trend Vision One AI Factory EDR leverages the NVIDIA DOCA software platform to deliver protection at the infrastructure and workload layers. This unique integration enables Trend Vision One to deploy a lightweight, autonomous agent directly on BlueField, combining hardware isolation, runtime visibility, and advanced threat detection to protect AI workloads at runtime.

Figure 1: Trend Vision One on NVIDIA BlueField

NVIDIA BlueField data processing units are purpose-built processors that offload, accelerate, and isolate infrastructure and security operations—enabling high-performance networking, data movement, and cybersecurity processing that power AI at scale. By offloading these functions from the host CPU into dedicated processing engines, BlueField enforces security policies autonomously—ensuring protection even if the host is compromised. Operating in a separate trust domain, it continuously monitors host behavior, application processes, traffic patterns and other indicators without impacting performance. This distributed, zero-trust security model enables line-speed visibility and enforcement, ensuring that every data packet and process interaction within the AI factory is both observable and secure.

A key element that makes AI Factory EDR possible is the integration of the DOCA Argus microservice, which provides real-time situational awareness and runtime threat detection by inspecting host memory using advanced memory forensics. Operating at the hardware level, Argus performs live machine introspection—analyzing specific segments of volatile host memory to detect threats in real time without impacting system performance. To preserve privacy, it extracts information only from kernel structures, never from user data.

Unlike conventional security tools, DOCA Argus runs independently of the host, requiring no agents, software integration, or reliance on host-based resources. This agentless, zero-overhead design enhances system efficiency and resilience across bare-metal, virtualized, containerized, and multi-tenant environments. By operating in an isolated trust domain, Argus remains invisible to attackers—even if the host system is compromised.

[...]

Original source