Cloud environments are where AI is built, trained, and deployed at scale. Organizations are deploying AI workloads on Kubernetes, integrating with managed machine learning (ML) platforms like Amazon SageMaker and Bedrock, and building applications that communicate with LLMs through the OpenAI API specification. Each of these environments introduces distinct security challenges and blind spots that adversaries can exploit.
One of the most significant risks in AI development is sensitive data flowing into AI pipelines without visibility or controls. Training data, customer personally identifiable information (PII), and proprietary intellectual property can all end up in places it was never intended to go, creating compliance exposure and breach risk.
Securing AI in the Cloud from Development to Runtime
AI Agent Discovery integrates with Microsoft Copilot (Power Platform), Salesforce Agentforce, ChatGPT Enterprise, OpenAI Enterprise GPT, and Nexos.ai. Security teams can identify risky configurations, excessive access, and ownership gaps, and apply centralized governance as AI agent usage scales. For organizations building AI applications that leverage SaaS-based agent frameworks, this capability provides the visibility needed to help deployed agents operate within intended parameters and prevent misconfiguration or compromise post-deployment.
AI Detection and Response for Containerized Workloads
CrowdStrike Falcon® Data Protection for Cloud now addresses this with real-time visibility into how sensitive cloud data flows into and through AI services at runtime. Using eBPF-powered monitoring, Falcon Data Protection for Cloud continuously observes data flows across cloud services, APIs, containers, and internal services, classifying sensitive content in real time as it moves. For AI-driven workloads, this monitoring extends into AI data paths: Teams can see sensitive data as it’s collected from cloud storage and databases, passed through internal or external AI orchestration layers including MCP servers, and sent to or consumed by internal AI and ML services such as Amazon SageMaker and Bedrock.
As organizations increasingly standardize on Kubernetes to host mission-critical AI workloads, the Kubernetes orchestration layer becomes a high-value target. Falcon Cloud Detection and Response, part of Falcon Cloud Security, now provides deep visibility and detections into the Kubernetes API Server. By ingesting Kubernetes audit logs, Falcon Cloud Security CDR monitors API requests and configuration changes for suspicious activity, generating detections that can be correlated with workload, cloud, and endpoint detections in Falcon Next-Gen SIEM. This gives SOC analysts the ability to visualize the full scope of adversary movements in attacks that include Kubernetes, a critical capability for teams building and operating AI workloads at scale.
Not all shadow AI in SaaS environments is visible through API connectors alone. To extend coverage, Falcon Shield also now analyzes Falcon sensor endpoint-collected DNS telemetry to uncover shadow AI use via SaaS, helping to capture even AI tools accessed without formal SaaS API connectors deployed in the organization’s SaaS AI inventory.
Threat Detection for Kubernetes AI Workloads
This new capability is currently pre-beta and will go to GA next quarter (Q2).
AI Data Flow Discovery in the Cloud
This capability is delivered via an integration with CrowdStrike Falcon® Cloud Security, which intercepts OpenAI API calls and routes them through Falcon AIDR’s detection engine, with detections surfaced in the Falcon AIDR console and in CrowdStrike Falcon® Next-Gen SIEM. Security teams can take response actions directly within the CrowdStrike Falcon® Cloud Security console, including isolating or terminating AI workloads, to contain threats before they escalate.
For organizations building and deploying AI applications in the cloud, runtime threat detection at the application layer is essential. Falcon AIDR will extend runtime guardrails to containerized applications communicating with the OpenAI API specification, detecting prompt injections, data leaks, and access control and content policy violations for cloud-hosted AI workloads.
