AI application protection is a feature in Web Application Firewall (WAF) 3.0. It provides security measures for artificial intelligence (AI) systems and their applications to protect AI models, data, infrastructure, and business processes from attacks, abuse, or accidental risks. This topic describes the benefits of AI application protection and how to enable it.
What is AI application protection
AI models are widely used in various fields, such as natural language processing, image recognition, and intelligent recommendation systems. Their powerful generative and efficient processing capabilities bring unprecedented opportunities to many industries. However, developers and enterprises often face security threats when developing and operating AI applications and AI Agents. These threats include content compliance risks, prompt injection attacks, jailbreak instructions, and role assumption. The emergence of these AI threats not only disrupts normal business operations but also poses significant compliance and social risks to enterprises. Therefore, the security of AI applications is a critical consideration.
Benefits of AI application protection
The AI application protection feature integrates with Alibaba Cloud AI Security Guardrails. It detects prompt injection and jailbreak attacks, supports request compliance checks, and uses WAF measures such as blocking, response replacement, and revocation to stop threats in real time and ensure business security.
Prompt attack detection: Provides professional defense against injection attacks that target generative AI. It accurately detects adversarial attack behaviors, such as jailbreak instructions, role assumption, and system instruction tampering, to build a strong defense for AI systems. This feature is ideal for scenarios such as securing AI Agent instruction interactions, defending against adversarial attacks in open-domain dialogue systems, and controlling permissions for third-party plugin calls.
Content compliance check: Performs compliance checks on request and response content to ensure that all interactions meet security and regulatory requirements.
Real-time protection and response: Blocks abnormal behavior in real time using WAF measures such as blocking, response replacement, and revocation. It can also automatically replace response content to ensure secure business operations.
Enable AI application protection
Before you enable AI application protection, you must purchase a subscription WAF 3.0 or pay-as-you-go WAF 3.0 instance and add your web service to WAF.
Log on to the Web Application Firewall 3.0 console. In the top menu bar, select the resource group and region (Chinese Mainland or Outside Chinese Mainland) for the WAF instance.
In the navigation pane on the left, choose .
Apply for the public preview:
Pay-as-you-go WAF: On the AI Application Protection page, click Apply For Free Trial During Public Preview. On the WAF-AI Application Protection Module POC Application page, fill in the application information and click Submit.
After Alibaba Cloud receives your application, an engineer will contact you within one week to confirm the trial details. After your application is approved, the AI application protection feature is automatically enabled for your WAF instance.
Subscription WAF: On the AI Application Protection page, click Apply For 7-day Free PoC to enable the AI application protection feature. This starts a 7-day free trial.