Shift AI Risk Assessments Further Left and Multi-Modal Runtime Protection | May 2025
New in this release: flexible CI/CD integration, comprehensive runtime document protection, and adaptable deployment options, enabling security teams to protect AI applications without constraining innovation.
It’s a start of a new month, so let’s talk about the round up of new product releases from Straiker. Inspired by conversations from the field and shaped by customer asks, the team has made three major enhancements to Ascend AI and Defend AI available as part of Straiker’s May 2025 release:
- Native CI/CD integrations to identify and remediate AI application risks at the source
- Flexibility to run your AI red teaming exercise during development
- Multimodality support for runtime guardrails of documents and common file types
Let’s dive in.
CI/CD integration for your AI application lifecycle
Ascend AI natively integrates with your CI/CD pipeline
We wanted to make building and securing agent AI systems and genAI applications more seamless. That's why we've reimagined how Straiker integrates into your development pipeline with our new thin client architecture. This native integration transforms AI security from a manual checkpoint into an automated, continuous process that scales with your development velocity.
With Straiker's CI/CD integration, you can now:
- Automate security assessments for every model update, prompt change, or configuration modification without manual intervention
- Configure assessment scope and intensity to match your specific risk tolerance and deployment timeline, ensuring security testing aligns with your development cadence
- Receive immediate feedback on security posture changes, enabling developers to address vulnerabilities before they reach production environments
- Maintain security continuity across your entire AI application lifecycle, from initial development through production deployment
This integration reflects our core belief that security must be as agile as the applications it protects. By embedding security testing directly into your development workflow, you can identify and remediate vulnerabilities at the source—when they're least expensive to fix.
Customize your Ascend AI Risk Assessment
Ascend AI shifts your security left in whichever format you want
After hearing frustrations about “one-size-fits-all” vendor models, we wanted to build Ascend AI with flexibility regardless of how your organization structures or performs security testing. We encountered specific customer blockers that drove this enhancement. One team with 2-week sprint cycles felt that our one-time 4-hour comprehensive assessments would disrupt their release velocity, and that they would rather run a subset of these tests more frequently. Another, team cared more about testing their application for risks to LLM Evasions relative to the other controls present in Ascend AI, and they wanted to test deterioration along this control every time they pushed a PR.
These scenarios revealed that our fixed assessment framework was forcing architectural compromises. Development teams were either bypassing security testing entirely or restructuring their deployment pipelines around our tooling constraints. Our enhanced configurability addresses these specific integration challenges by allowing you to:
Integrate at any SDLC stage that matches your team's workflow—from early development through pre-production validation to post-deployment monitoring
- Choose your deployment model with options for automated CI/CD pipeline integration, scheduled assessments, or on-demand security reports based on your operational needs
- Customize assessment scope and depth to balance comprehensive security coverage with project timelines and resource constraints
- Adapt to your team's preferences, whether you prefer automated, continuous security testing or strategic, milestone-based assessments
Whether you're conducting a comprehensive security audit of an existing AI application or integrating security testing into an agile development pipeline, Straiker adapts to your workflow rather than forcing you to adapt to ours.
Multimodality support for runtime guardrails
Defend AI supports multiple file types for AI runtime guardrails
During customer conversations, we've observed how organizations are increasingly building AI for internal uses, such as HR-related AI chatbots that need to process employee handbook PDFs, analyze uploaded resumes during recruitment, or review policy documents when answering benefits questions. For example, an employee might upload their pay stub as a PDF while asking "Am I eligible for the housing allowance mentioned in our benefits guide?" - requiring the AI to simultaneously process the uploaded document and cross-reference company policy documents to provide an accurate response. Straiker Defend AI now provides comprehensive runtime security protection for these document-based AI interactions. Organizations have consistently requested the ability to secure AI applications that process diverse content types beyond simple text—and we've delivered exactly that capability.
With Straiker Defend AI's expanded document support, you can now:
- Protect document-based interactions in real-time across PDFs, Word documents, spreadsheets, and other common business formats that your AI applications process in production, without any compromise in detection latency.
- Detect and block document-embedded threats where malicious actors embed attacks within seemingly legitimate documents, exploiting how AI systems parse and interpret structured content
- Ensure comprehensive runtime coverage for AI applications that handle mixed content types, from customer service chatbots processing uploaded files to document analysis workflows
- Maintain consistent security policies across your entire content pipeline, ensuring the same protection standards whether users interact through text, upload documents, or combine multiple input methods
This capability addresses a critical gap that customers have highlighted: while text-based interactions were well-protected, document processing represented an unmonitored attack vector in production AI systems. Defend AI now provides complete runtime protection regardless of how users interact with your AI applications.
Get a custom demo of Straiker's May release
These three enhancements eliminate traditional trade-offs between security and agility. By offering flexible CI/CD integration, comprehensive runtime document protection, and adaptable deployment options, we enable security teams to protect AI applications without constraining innovation.
We’re listening to customer feedback, and we’re happy to demo these capabilities for you so that you can accelerate your AI transformation.
It’s a start of a new month, so let’s talk about the round up of new product releases from Straiker. Inspired by conversations from the field and shaped by customer asks, the team has made three major enhancements to Ascend AI and Defend AI available as part of Straiker’s May 2025 release:
- Native CI/CD integrations to identify and remediate AI application risks at the source
- Flexibility to run your AI red teaming exercise during development
- Multimodality support for runtime guardrails of documents and common file types
Let’s dive in.
CI/CD integration for your AI application lifecycle
Ascend AI natively integrates with your CI/CD pipeline
We wanted to make building and securing agent AI systems and genAI applications more seamless. That's why we've reimagined how Straiker integrates into your development pipeline with our new thin client architecture. This native integration transforms AI security from a manual checkpoint into an automated, continuous process that scales with your development velocity.
With Straiker's CI/CD integration, you can now:
- Automate security assessments for every model update, prompt change, or configuration modification without manual intervention
- Configure assessment scope and intensity to match your specific risk tolerance and deployment timeline, ensuring security testing aligns with your development cadence
- Receive immediate feedback on security posture changes, enabling developers to address vulnerabilities before they reach production environments
- Maintain security continuity across your entire AI application lifecycle, from initial development through production deployment
This integration reflects our core belief that security must be as agile as the applications it protects. By embedding security testing directly into your development workflow, you can identify and remediate vulnerabilities at the source—when they're least expensive to fix.
Customize your Ascend AI Risk Assessment
Ascend AI shifts your security left in whichever format you want
After hearing frustrations about “one-size-fits-all” vendor models, we wanted to build Ascend AI with flexibility regardless of how your organization structures or performs security testing. We encountered specific customer blockers that drove this enhancement. One team with 2-week sprint cycles felt that our one-time 4-hour comprehensive assessments would disrupt their release velocity, and that they would rather run a subset of these tests more frequently. Another, team cared more about testing their application for risks to LLM Evasions relative to the other controls present in Ascend AI, and they wanted to test deterioration along this control every time they pushed a PR.
These scenarios revealed that our fixed assessment framework was forcing architectural compromises. Development teams were either bypassing security testing entirely or restructuring their deployment pipelines around our tooling constraints. Our enhanced configurability addresses these specific integration challenges by allowing you to:
Integrate at any SDLC stage that matches your team's workflow—from early development through pre-production validation to post-deployment monitoring
- Choose your deployment model with options for automated CI/CD pipeline integration, scheduled assessments, or on-demand security reports based on your operational needs
- Customize assessment scope and depth to balance comprehensive security coverage with project timelines and resource constraints
- Adapt to your team's preferences, whether you prefer automated, continuous security testing or strategic, milestone-based assessments
Whether you're conducting a comprehensive security audit of an existing AI application or integrating security testing into an agile development pipeline, Straiker adapts to your workflow rather than forcing you to adapt to ours.
Multimodality support for runtime guardrails
Defend AI supports multiple file types for AI runtime guardrails
During customer conversations, we've observed how organizations are increasingly building AI for internal uses, such as HR-related AI chatbots that need to process employee handbook PDFs, analyze uploaded resumes during recruitment, or review policy documents when answering benefits questions. For example, an employee might upload their pay stub as a PDF while asking "Am I eligible for the housing allowance mentioned in our benefits guide?" - requiring the AI to simultaneously process the uploaded document and cross-reference company policy documents to provide an accurate response. Straiker Defend AI now provides comprehensive runtime security protection for these document-based AI interactions. Organizations have consistently requested the ability to secure AI applications that process diverse content types beyond simple text—and we've delivered exactly that capability.
With Straiker Defend AI's expanded document support, you can now:
- Protect document-based interactions in real-time across PDFs, Word documents, spreadsheets, and other common business formats that your AI applications process in production, without any compromise in detection latency.
- Detect and block document-embedded threats where malicious actors embed attacks within seemingly legitimate documents, exploiting how AI systems parse and interpret structured content
- Ensure comprehensive runtime coverage for AI applications that handle mixed content types, from customer service chatbots processing uploaded files to document analysis workflows
- Maintain consistent security policies across your entire content pipeline, ensuring the same protection standards whether users interact through text, upload documents, or combine multiple input methods
This capability addresses a critical gap that customers have highlighted: while text-based interactions were well-protected, document processing represented an unmonitored attack vector in production AI systems. Defend AI now provides complete runtime protection regardless of how users interact with your AI applications.
Get a custom demo of Straiker's May release
These three enhancements eliminate traditional trade-offs between security and agility. By offering flexible CI/CD integration, comprehensive runtime document protection, and adaptable deployment options, we enable security teams to protect AI applications without constraining innovation.
We’re listening to customer feedback, and we’re happy to demo these capabilities for you so that you can accelerate your AI transformation.
similar resources
Secure your agentic AI and AI-native application journey with Straiker
.avif)
