Accelerating Zero Trust Outcomes with Generative AI, Part 1: AI Labeling
Artificial intelligence (AI) seems inescapable nowadays. The revolution that started with the release of ChatGPT in 2022 has now evolved into a full-blown arms race to train new language models and capitalize on the opportunities afforded by generative AI technology. In 2024, it’s not a stretch to say that AI will transform the way we work.
As a customer-focused company, Akamai is keen on ensuring that generative AI is leveraged securely and effectively in our offerings. This blog post is the first in a four-part series that will highlight our use of, and investments in, generative AI technology to assist security experts with accelerating and simplifying their Zero Trust initiatives.
Investing in generative AI
We think generative AI is an enormous asset — and we’re not the only ones who see the benefits of this technology. According to Salesforce, 67% of end users surveyed say generative AI will help them “get more out of other technology investments,” and 45% reported that they would use generative AI more “if it was integrated into the technology they already use.”
From the vendor side, a Gartner poll of more than 2,500 executives found that 38% indicated “customer experience and retention” as the primary purpose of their investments in generative AI capabilities.
Akamai already incorporates machine learning and predictive AI into our products. But when it comes to our Zero Trust platform, Akamai is committed to expanding its generative AI components to further improve customer experience, reduce the overall time it takes to build and enact security policy, and enable security teams to achieve Zero Trust outcomes more quickly and effectively.
Generative AI and segmentation
As we showed in our State of Segmentation 2023 report, the biggest obstacle to implementing segmentation across business-critical assets is a general lack of skills and expertise. If we want more teams to segment their workloads and critical applications, we need to make it easier and quicker to implement that segmentation.
Labeling is the backbone of software-based segmentation and microsegmentation. Security policy enforcement has been abstracted away from underlying physical characteristics like port and IP, and is applied based on the label given to a specific component, machine, or groups of machines. For example, I could create a security policy that blocks direct connections from the internet to all components, on any port and with any protocol, where the label is Role = database or Application = CRM (Customer Relationship Management).
The problem is that many organizations don’t have a single data source with a complete, up-to-date set of server metadata. This is necessary to ensure correct labeling, and by extension, to ensure correct enforcement of a comprehensive security policy. A lack of metadata means that labeling becomes a manual investigative effort, and we’ve seen this scenario slow down solution deployment with some of our own customers.
Akamai AI Labeling
To solve this problem, we’re introducing a new generative AI–powered feature: AI Labeling. This new feature leverages generative AI capabilities to suggest appropriate labels based on process communications that our solution identifies. The large language model (LLM) used by this feature has been trained to recognize prompts in conversational English, and it will determine the most likely identity for a machine that has specific processes communicating. The figure below shows recommendations for Application labels (Figure 1).
Fig. 1: Using the AI Labeling feature to identify Application identity based on their communicating processes
We recognize that AI, especially in its early stages, is not always foolproof. To remedy this, every label suggestion will include a confidence score that reflects how confident the LLM is about the suggestion, and it will also provide an explanation for why this label was suggested. This will help teams ensure that they are acting on only the most confident suggestions, reducing the potential for error (Figure 2).
Fig. 2: Presenting confidence scores and evidence for each Application:CRM suggestion
We believe that AI Labeling will remove much of the manual process of labeling machines and components in your environment, which will significantly shorten the time it takes to create and enforce security policy. The resulting increase in SecOps efficiency means your teams can spend less time preparing to segment, and more time actually segmenting and accelerating your Zero Trust security goals.
Learn more
To learn more about our generative AI–powered Zero Trust platform, visit akamai.com/zerotrust.