At the 2025 RSA Conference in San Francisco, NVIDIA announced DOCA Argus, its latest innovation in AI security. Built into the DOCA software framework, DOCA Argus brings real-time threat detection and runtime protection to AI infrastructure. Unlike traditional security methods that rely on host-based agents, Argus runs independently on NVIDIA’s BlueField data processing units (DPUs) for better isolation and reliability in securing AI workloads.
DOCA Argus ensures its defenses stay up even if the main system is compromised by running separately from the host CPU. This is a big step towards zero-trust architecture, where security tools are completely isolated from vulnerable computing components.
How DOCA Argus secures AI workloads
DOCA Argus monitors containerized AI workloads such as NVIDIA NIM, a lightweight microservice for quick deployment of generative AI models. Unlike traditional security solutions that only check container integrity at startup, Argus monitors applications throughout their entire runtime. This continuous inspection allows it to detect unusual behavior that might be a cyberattack in progress.
One of the key benefits of DOCA Argus is its agentless design. Since it doesn’t require software to be installed on the host CPU, it reduces the risk of introducing new vulnerabilities or slowing down system performance. This also minimizes administrative overhead so security teams can deploy and maintain the system across a large infrastructure.
Argus also defends against sophisticated threats like side channel attacks. These are subtle attacks that extract information based on a system’s physical behavior, like power usage or timing patterns, rather than directly targeting software. Since Argus runs outside of the vulnerable host CPU environment, it can continue to protect critical workloads even if the main system is breached.
Morpheus and third-party integrations
DOCA Argus integrates with NVIDIA Morpheus, an AI-driven security framework. Argus feeds telemetry data from the DPU to Morpheus, which uses pre-trained AI models to detect anomalies in real time. If a threat is detected, Morpheus can automatically take action, such as isolating the traffic or blocking malicious packets entirely.
This closed-loop security system, telemetry, analysis, and response, provides a robust and scalable way to defend against modern cyber threats. For enterprises already using third-party platforms, DOCA Argus can send data to SIEM or SOAR tools for further analysis and action.
The deployment is flexible and supports environments like Kubernetes and OpenShift. You can build your security infrastructure to your operational needs without being locked into a single vendor’s stack.
Partnerships show industry support
NVIDIA is also expanding its ecosystem through partnerships with other tech companies. Cisco is the first major partner to integrate BlueField and DOCA Argus across its security products. This allows Cisco customers to get DPU-level protection in real time. Splunk will also contribute log-based data analysis capabilities to further enhance threat visibility.
These partnerships show the industry is recognizing the need for hardware-accelerated, AI-integrated security solutions. More to come as NVIDIA positions DOCA Argus as the foundation for securing AI workloads at scale.
As threats get more complex and AI becomes core to the enterprise, tools like DOCA Argus reflect a shift towards proactive, intelligent, and resilient defense. With the launch at RSAC 2025, NVIDIA is staking its claim in the future of AI security.
