NVIDIA Beefs up its AI Security Capabilities with DOCA ArgusNVIDIA Beefs up its AI Security Capabilities with DOCA Argus

SAN FRANCISCO - The industry's largest security show, RSAC Conference 2025, is underway in its normal home of San Francisco. The event has been filled with news surrounding how AI can be used to improve security operations. At the event, NVIDIA made an announcement to help organizations secure AI workloads while they're running.

NVIDIA introduced Argus, which is a runtime security module within the broader DOCA framework. Rather than relying on traditional security agents installed on host CPUs, which can be risky if hacked, DOCA Argus runs separately on NVIDIA's BlueField data processing units (DPUs). This is an ideal use case for DPUs, which are designed to offload the heavy lifting from processor intensive workloads, such as security processing.

DOCA Argus is provisioned directly onto the BlueField DPUs using zero-trust security, so the host CPU is completely out of the loop. Isolation is a key component of this architecture. If the CPU is compromised, DOCA Argus remains operational, ensuring that security measures stay in place if cybercriminals gain access to the host system.

Once deployed, DOCA Argus doesn't just verify containers when they're first installed but continuously monitors them during runtime. It protects containerized AI workloads, such as NVIDIA NIMs, which are prepackaged, optimized microservices designed to simplify and accelerate the deployment of generative AI models.

Related:The Network Impact of Cloud Security and Operations

DOCA Argus continuously monitors behavioral changes in AI workloads and enables security teams to respond immediately to potential threats. Since DOCA Argus operates without installing anything onto the host CPU, it avoids the headaches of traditional security setups, such as performance hits or complicated agent management. Additionally, this agentless approach reliably detects threats even if other defenses are under attack.

DOCA Argus can be used to prevent threats such as side channel attacks, which are security exploits that attempt to extract information from a system by analyzing physical characteristics or parameters of the system during its operation, rather than directly attacking the algorithm or code itself.

If a side channel attack occurs, the CPU and host processor can be compromised. Once those are compromised, security capabilities are usually disabled, leaving the system open to attack. Since DOCA Argus runs independently of the CPUs, the AI system can still be secured.

NVIDIA developed the security module in response to real-world challenges, using insights from NVIDIA's own security team, surfacing only real, validated threats. DOCA Argus enables NVIDIA and cybersecurity professionals to identify these types of behaviors early and isolate compromised workloads on every AI factory before they affect broader operations.

Related:Edge Computing and the Burgeoning IoT Security Threat

Beyond securing workloads at runtime, DOCA Argus integrates with Morpheus, NVIDIA's AI cybersecurity platform. It feeds Morpheus telemetry data from the DPU. Morpheus analyzes the data in real time to spot issues by using pretrained AI models. When Morpheus detects a threat, it can automatically trigger actions through BlueField, such as isolating traffic, redirecting it or dropping malicious packets to minimize the risk. Together, Argus and Morpheus create a defense system that continuously adapts to evolving threats.

DOCA Argus gathers data that can be fed into third-party SIEMs or SOAR platforms for better security operations. Morpheus combined with DOCA Argus creates an interesting NVIDIA value proposition, as DOCA Argus can feed telemetry data into Morpheus and have Morpheus detect threats with AI.

Enterprises have flexibility in how they deploy DOCA Argus, depending on their environment and use case. While NVIDIA provides the provisioning tools for DOCA Argus, customers can choose to install it alongside third-party platforms such as OpenShift and Kubernetes.

Related:IAM and CIEM Boost Network Security and 360-Degree Visibility

Cisco is the first partner to integrate BlueField, running DOCA Argus across its cybersecurity products. NVIDIA is also working with Splunk, which will provide log-based data analysis as part of broader security workflows. More partnerships are expected to follow.