Linux / amd64
This NIM Agent Blueprint demonstrates accelerated analysis on common vulnerabilities and exposures (CVE) at an enterprise scale, reducing mitigation from days and hours to just seconds. While traditional methods require substantial manual effort to pinpoint solutions for vulnerabilities, these technologies enable quick, automatic, and actionable CVE risk analysis using large language models (LLMs) and retrieval-augmented generation (RAG). With this blueprint, security analysts can expedite the process of determining whether a software package includes exploitable and vulnerable components using LLMs and event-driven RAG triggered by the creation of a new software container or the detection of a CVE. Using NVIDIA NIM microservices and the Morpheus cybersecurity AI SDK, the NIM Agent Blueprint for vulnerability analysis accelerates CVE analysis, dramatically reducing time to assess from days to just seconds.
Key benefits of the NIM Agent Blueprint for vulnerability analysis include:
Faster time to assess: Allows analysts to investigate individual CVEs in seconds rather than hours or even days.
Reduced CVE noise: LLM agents can expedite investigations and cut through the noise of an increasing number of known CVEs to highlight actual urgent security risks.
Event-driven Automation: multiple LLM agents are implemented to automate vulnerability management, verification, and VEX justification, all triggered by the results of upstream vulnerability scans.
To get started, review the information linked below and learn what is included in the Blueprint, as well as where and how to run the workflow.
Experience or download this blueprint at build.nvidia.com.
Dive into the blueprint integration code and resources at Github: https://github.com/NVIDIA-AI-Blueprints/vulnerability-analysis
Contact NVIDIA to learn more about how you can purchase NVIDIA AI Enterprise for your production deployment.
GOVERNING TERMS: The software and materials are governed by the NVIDIA Software License Agreement and the Product-Specific Terms for NVIDIA AI Products; The use of the models is governed by the NVIDIA AI Foundation Models Community License Agreement.
ADDITIONAL INFORMATION: Meta Llama 3 Community License, Built with Meta Llama 3. Nemo Text Retriever E5 Embedding Model: MIT license.