The integration of generative artificial intelligence (like Google Gemini) within security operations centers (SOCs) is undoubtedly one of the greatest advances in the cyber industry. It allows you to parse raw Microsoft Defender JSON payloads in milliseconds, translate the obfuscation of complex scripts and generate clear summaries for management committees.
However, for IT directors (CIOs), information systems security managers (CISOs) and data protection officers (DPOs), the use of AI raises a legitimate concern: thedata privacy. If security logs containing Entra ID usernames or internal server configurations are sent to an AI, how can we ensure that this sensitive information will not be leaked or used to train public models? Let's decipher the trust architecture implemented by Akuity SOC.
The danger of consumer AI in business
The concern of security professionals is not unfounded. The use of consumer generative AI tools (such as the free versions of ChatGPT or Gemini accessible via a web browser) presents a major risk of information leakage (Data Leakage).
In their general conditions of use, these services clearly stipulate that the data entered by users (the "prompts") can be reread by human operators and reused to train and improve future versions of the algorithm.
If a SOC analyst copies and pastes the JSON payload of a critical Defender alert into a public AI to ask it to analyze it, the company's technological secrets (server names, private IP addresses, detected software vulnerabilities, employee emails) enter the public domain of the AI provider. A third-party user on the other side of the world could potentially, via targeted queries, see this data resurface in an AI response.
Akuity SOC Architecture: Enterprise-Grade Isolation via Vertex AI
To bring the power of Gemini AI to cyber teams without ever making the slightest compromise on confidentiality, the Akuity SOC orchestrator relies exclusively on the platformGoogle Cloud Vertex AI"Enterprise" grade.
This architecture guarantees watertight partitioning of data according to three fundamental rules:
1. Zero training on your data
This is the central pillar of the Vertex AI compliance agreement: your incident data, your raw Defender JSON files, your KQL queries and your discussions within the chat module with the AIare never usedto train Google's underlying Large Language Models (LLM). Your data remains your exclusive property.
2. Request isolation (Encryption and Data Governance)
API calls sent from the Akuity backend to Vertex AI run in a highly secure sovereign cloud environment, located in Europe (Bavaria, Germany). Payloads travel via end-to-end encrypted channels. As soon as the AI finishes writing the summary or decoding the PowerShell script, the ephemeral session memory is purged. No data is persisted on the AI infrastructure servers.
3. Strict database level access protection (PostgreSQL RLS)
The display of AI-generated analyzes scrupulously respects the security of your workspace. The mechanism ofRow-Level Security (RLS)of our PostgreSQL database guarantees that the metadata and textual summaries stored in the ticket tables are invisible to any external user or any other multi-client tenant of the platform.
Full control left to the local administrator
Transparency is the key to mature cyber governance. Although the Gemini AI assistant is a great asset in reducing MTTR and relieving mental fatigue for your L1 analysts, Akuity SOC leaves full control to your Workspace administrators.
Within the tab“User Profile”from the general settings page (ProfileSettings.tsx), a dedicated switch (Toggle Switch) entitled“Gemini Cat Assistant”allows you to completely activate or deactivate artificial intelligence for remediation assistance at the level of your profile. If your security policy or industry constraints require a complete absence of AI processing, a single click deactivates the module, replacing automatic analyzes with a purely factual and traditional ticket management interface.
Conclusion: Innovation in complete safety
Enterprise-grade generative artificial intelligence is no longer a security risk: it is a shield. By combining the linguistic analysis power of Google Gemini with the strict privacy guarantees of Vertex AI and the native partitioning of a European sovereign architecture, Akuity allows you to innovate with complete peace of mind, in full compliance with GDPR and SOC 2.
Innovate without compromising the confidentiality of your architecture.> Discover ourGemini AI-assisted SOAR Orchestratorand configure your sovereign workspace in less than 5 minutes.