
About The Company
Air-gapped AI security deployment
Runtime protection for AI agents
MCP and toolchain governance
THE COMPANY
A national defense agency in the Middle East was advancing the use of AI applications, agents, and chatbot-style systems in a highly sensitive operational environment. As AI adoption accelerated, the agency needed to ensure that innovation could proceed without introducing unacceptable risk across mission-critical systems, sensitive data, or operational workflows. Because of the classified nature of the environment, standard cloud-based or remotely managed security tooling was not an option.
The agency required a solution that could be deployed fully on premises, inside an air-gapped environment with no external network access. Even deployment personnel would not be permitted to connect externally while on site. This created a very different set of requirements from those seen in typical enterprise AI programs: the platform had to deliver enterprise-grade AI security, runtime protection, governance, and testing entirely within the customer’s isolated environment.
THE PROBLEM
The agency was facing a familiar problem in AI adoption, but under far more demanding operational constraints. Multiple AI models were already in use across applications and agentic workflows, yet the organization had limited centralized visibility into how those models were being used, which applications and agents were connected to them, and where security controls needed to be enforced most urgently.
At the same time, the environment imposed strict deployment requirements. Any solution had to run fully on premises in an air-gapped setting, with no dependence on live external connectivity. The agency also needed confidence that the platform could be deployed in person, hardened appropriately, and integrated into existing internal security operations workflows. A requirement to route events into SIEM or SOAR systems added another operational consideration, even though the exact downstream tooling had not yet been finalized.
The challenge was not limited to visibility alone. The technical team’s priorities included runtime protection, red teaming, MCP-related controls, and potentially discovery and posture management as part of a broader AI security program. The customer was also comparing options and evaluating technical fit, modular pricing, and the practicality of an air-gapped deployment model. In other words, the project required more than a point solution. It needed a platform capable of securing the full lifecycle of AI applications and autonomous workflows in a highly restricted environment.
THE SOLUTION
To meet these requirements, PointGuard AI positioned its unified AI Security & Governance platform as a fully deployable on-premises solution for sensitive environments. The proposed scope covered four LLM models and up to 100 applications, agents, or chatbots using those models, giving the agency a practical starting point for securing a meaningful portion of its AI footprint.
The first requirement was simple but non-negotiable: the solution had to work inside a fully isolated environment. PointGuard AI aligned to that need by supporting a deployment model built for on-premises, air-gapped operations, including the expectation that professional services could be delivered on site without any need for outbound communication from the secure location. This was essential because the agency’s environment did not permit external network access and imposed strict operational controls even on implementation teams.
A core part of the requirement was protecting live AI systems. The agency needed confidence that models embedded in applications, agents, and chatbot workflows could be monitored and controlled once deployed. PointGuard AI’s runtime defense capabilities were relevant here because they help security teams monitor AI interactions, detect risky behavior, and apply protection policies where models are actively being used. This was particularly important in an environment where AI misuse, unsafe outputs, or unexpected model behavior could create outsized operational consequences.
The customer also prioritized red teaming as a frontline control. Rather than relying on one-time assessments, PointGuard AI supports continuous adversarial testing of AI applications and agent workflows. In this context, that meant a way to probe for prompt injection, policy evasion, unsafe tool usage, model misuse, and other agentic or LLM-native risks before those weaknesses could affect production operations. For a defense environment, this kind of proactive testing is especially valuable because it allows teams to harden systems before exposure rather than investigate after an incident.
MCP-related requirements were also part of the technical scope. As AI applications and agents increasingly rely on tools, external systems, and chained workflows, securing the control layer between models and tools becomes critical. PointGuard AI was positioned to help the agency enforce stronger governance and policy controls around how AI systems interact with external resources, internal tools, and operational workflows. In a highly classified setting, this kind of governance supports tighter control over what AI systems can access, what actions they can take, and how those actions are monitored and audited.
Although runtime and testing were top priorities, discovery and posture themes were also relevant. The agency needed a clearer understanding of which models were in use, which applications and agentic workflows depended on them, and where security controls should be applied first. PointGuard AI’s broader AI Security & Governance platform is designed to provide that system-of-record layer: a unified view across models, applications, agents, and related controls, helping security teams move from fragmented oversight to centralized governance.
THE RESULTS
The PointGuard AI platform delivered this defense agency with:
“PointGuard AI gave us a practical path to secure sensitive AI initiatives without compromising our operational requirements. The platform’s ability to operate in a fully air-gapped environment while still delivering visibility, runtime control, and continuous testing made it possible to move forward with confidence.”