From 5abe9569315c8769a8d093ae8dd823eb2acc7fae Mon Sep 17 00:00:00 2001
From: Stephen <109609721+ssumner-ms@users.noreply.github.com>
Date: Thu, 16 Jan 2025 13:52:24 -0500
Subject: [PATCH] Enhance security recommendations in AI infrastructure
 documentation

---
 docs/scenarios/ai/infrastructure/security.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/docs/scenarios/ai/infrastructure/security.md b/docs/scenarios/ai/infrastructure/security.md
index b91ee3df6..a25220d6f 100644
--- a/docs/scenarios/ai/infrastructure/security.md
+++ b/docs/scenarios/ai/infrastructure/security.md
@@ -13,7 +13,11 @@ This article provides security recommendations for organizations running AI work
 
 ## Secure Azure services
 
-Azure service security requires configuring each Azure service used in an AI architecture to meet specific security standards and benchmarks. To apply secure configurations to Azure services, use the [Azure security baselines](/security/benchmark/azure/security-baselines-overview) for each service in your architecture. Common Azure services in AI workloads on Azure infrastructure include: [Windows virtual machines](/security/benchmark/azure/baselines/virtual-machines-windows-virtual-machines-security-baseline), [Linux virtual machines](/security/benchmark/azure/baselines/virtual-machines-linux-virtual-machines-security-baseline), [Azure CycleCloud](/azure/cyclecloud/concepts/security-best-practices), and [Key Vault](/security/benchmark/azure/baselines/key-vault-security-baseline).
+Azure service security requires configuring each Azure service used in an AI architecture to meet specific security standards and benchmarks.
+
+- *Harden Azure services.* To apply secure configurations to Azure services, use the [Azure security baselines](/security/benchmark/azure/security-baselines-overview) for each service in your architecture. Common Azure services in AI workloads on Azure infrastructure include: [Windows virtual machines](/security/benchmark/azure/baselines/virtual-machines-windows-virtual-machines-security-baseline), [Linux virtual machines](/security/benchmark/azure/baselines/virtual-machines-linux-virtual-machines-security-baseline), [Azure CycleCloud](/azure/cyclecloud/concepts/security-best-practices), and [Key Vault](/security/benchmark/azure/baselines/key-vault-security-baseline).
+
+- *Consider secure compute options.* Secure the boot process and integrity of your VMs using [trusted launch](/azure/virtual-machines/trusted-launch). Depending on your industry and use case, consider using confidential AI. [Confidential AI](/azure/confidential-computing/confidential-ai) is for cryptographically verifiable protection for AI data and models during training, fine-tuning, and inferencing.
 
 ## Secure networks