Gcore named a Leader in the GigaOm Radar for AI Infrastructure!Get the report
Under attack? Log in
Sign up for free

Products

Solutions

Pricing

Resources

Partners

Why Gcore

Under attack?
Log in
Contact us
Contact us Sign up for free
  1. Home
  2. Developers
  3. 3 underestimated security risks of AI workloads and how to overcome them

3 underestimated security risks of AI workloads and how to overcome them

  • By Gcore
  • July 31, 2025
  • 5 min read
3 underestimated security risks of AI workloads and how to overcome them

Table of contents

Try Gcore Security

Try for free

Artificial intelligence workloads introduce a fundamentally different security landscape for engineering and security teams. Unlike traditional applications, AI systems must protect not just endpoints and networks, but also training data pipelines, feature stores, model repositories, and inference APIs. Each phase of the AI life cycle presents distinct attack vectors that adversaries can exploit to corrupt model behavior, extract proprietary logic, or manipulate downstream outputs.

In this article, we uncover three security vulnerabilities of AI workloads and explain how developers and MLOps teams can overcome them. We also look at how investing in your AI security can save time and money, explore the challenges that lie ahead for AI security, and offer a simplified way to protect your AI workloads with Gcore.

Risk #1: data poisoning

Data poisoning is a targeted attack on the integrity of AI systems, where malicious actors subtly inject corrupted or manipulated data into training pipelines. The result is a model that behaves unpredictably, generates biased or false outputs, or embeds hidden logic that can be triggered post-deployment. This can undermine business-critical applications—from fraud detection and medical diagnostics to content moderation and autonomous decision-making.

Side-by-side diagram showing how clean training data leads to accurate model predictions, while poisoned data causes skewed and unreliable outputs.

For developers, the stakes are high: poisoned models are hard to detect once deployed, and even small perturbations in training data can have system-wide consequences. Luckily, you can take a few steps to mitigate against data poisoning and then implement zero-trust AI to further protect your workloads.

Mitigation and hardening

  • Restrict dataset access using IAM, RBAC, or identity-aware proxies.
  • Store all datasets in versioned, signed, and hashed formats.
  • Validate datasets with automated schema checks, label distribution scans, and statistical outlier detection before training.
  • Track data provenance with metadata logs and checksums.
  • Block training runs if datasets fail predefined data quality gates.
  • Integrate data validation scripts into CI/CD pipelines pre-training.
  • Enforce zero-trust access policies for data ingestion services.

Solution integration: zero-trust AI

  • Implement continuous authentication and authorization for each component interacting with data (e.g., preprocessing scripts, training jobs).
  • Enable real-time threat detection during training using runtime security tools.
  • Automate incident response triggers for unexpected file access or data source changes.

Risk #2: adversarial attacks

Adversarial attacks manipulate model inputs in subtle ways that trick AI systems into making incorrect or dangerous decisions. These perturbations—often imperceptible to humans—can cause models to misclassify images, misinterpret speech, or misread sensor data. In high-stakes environments like facial recognition, autonomous vehicles, or fraud detection, these failures can result in security breaches, legal liabilities, or physical harm.

Comparison of an original stop sign image and an adversarially modified version that appears identical to humans but causes a model to misclassify it.

For developers, the threat is real: even state-of-the-art models can be easily fooled without adversarial hardening. The good news? You can make your models more robust by combining defensive training techniques, input sanitization, and secure API practices. While encrypted inference doesn’t directly block adversarial manipulation, it ensures that sensitive inference data stays protected even if attackers attempt to probe the system.

Mitigation and hardening

  • Use adversarial training frameworks like CleverHans or IBM ART to expose models to perturbed inputs during training.
  • Apply input sanitization layers (e.g., JPEG re-encoding, blurring, or noise filters) before data reaches the model.
  • Implement rate limiting and authentication on inference APIs to block automated adversarial probing.
  • Use model ensembles or randomized smoothing to improve resilience to small input perturbations.
  • Log and analyze input-output patterns to detect high-variance or abnormal responses.
  • Test models regularly against known attack vectors using robustness evaluation tools.

Solution integration: encrypted inference

While encryption doesn't prevent adversarial inputs, it does mean that input data and model responses remain confidential and protected from observation or tampering during inference.

  • Run inference in trusted environments like Intel SGX or AWS Nitro Enclaves to protect model and data integrity.
  • Use homomorphic encryption or SMPC to process encrypted data without exposing sensitive input.
  • Ensure that all intermediate and output data is encrypted at rest and in transit.
  • Deploy access policies that restrict inference to verified users and approved applications.

Risk #3: model leakage of intellectual assets

Model leakage—or model extraction—happens when an attacker interacts with a deployed model in ways that allow them to reverse-engineer its structure, logic, or parameters. Once leaked, a model can be cloned, monetized, or used to bypass the very defenses it was meant to enforce. For businesses, this means losing competitive IP, compromising user privacy, or enabling downstream attacks.

Flow diagram showing an attacker sending repeated API requests to a public inference endpoint and reconstructing the target model.

For developers and MLOps teams, the challenge is securing deployed models in a way that balances performance and privacy. If you're exposing inference APIs, you’re exposing potential entry points—but with the right controls and architecture, you can drastically reduce the risk of model theft.

Mitigation and hardening

  • Enforce rate limits and usage quotas on all inference endpoints.
  • Monitor for suspicious or repeated queries that indicate model extraction attempts.
  • Implement model watermarking or fingerprinting to trace unauthorized model use.
  • Obfuscate models before deployment using quantization, pruning, or graph rewriting.
  • Disable or tightly control any model export functionality in your platform.
  • Sign and verify inference requests and responses to ensure authenticity.
  • Integrate security checks into CI/CD pipelines to detect risky configurations—such as public model endpoints, export-enabled containers, or missing inference authentication—before they reach production.

Solution integration: native security integration

  • Integrate model validation, packaging, and signing into CI/CD pipelines.
  • Serve models from encrypted containers or TEEs, with minimal runtime exposure.
  • Use container and image scanning tools to catch misconfigurations before deployment.
  • Centralize monitoring and protection with tools like Gcore WAAP for real-time anomaly detection and automated response.

How investing in AI security can save your business money

From a financial point of view, the use of AI and machine learning in cybersecurity can lead to massive cost savings. Organizations that utilize AI and automation in cybersecurity have saved an average of $2.22 million per data breach compared to organizations that do not have these protections in place. This is because the necessity for manual oversight is reduced, lowering the total cost of ownership, and averting costly security breaches. The initial investment in advanced security technologies yields returns through decreased downtime, fewer false positives, and an enhanced overall security posture.

Challenges ahead

While securing the AI lifecycle is essential, it’s still difficult to balance robust security with a positive user experience. Rigid scrutiny can add additional latency or false positives that can stop operations, but AI-powered security can avoid such incidents.

Another concern organizations must contend with is how to maintain current AI models. With threats changing so rapidly, today's newest model could easily become outdated by tomorrow’s. Solutions must have an ongoing learning ability so that security detection parameters can be revised.

Operational maturity is also a concern, especially for companies that operate in multiple geographies. Well-thought-out strategies and sound governance processes must accompany the integration of complex AI/ML tools with existing infrastructure, but automation still offers the most benefits by reducing the overhead on security teams and helping ensure consistent deployment of security policies.

Layered diagram of a secure AI stack, showing monitoring, deployment hardening, model hardening, and pipeline security, each linked to specific risks.

Get ahead of AI security with Gcore

AI workloads introduce new and often overlooked security risks that can compromise data integrity, model behavior, and intellectual property. By implementing practices like zero-trust architecture, encrypted inference, and native security integration, developers can build more resilient and trustworthy AI systems. As threats evolve, staying ahead means embedding security at every phase of the AI lifecycle.

Gcore helps teams apply these principles at scale, offering native support for zero-trust AI, encrypted inference, and intelligent API protection. As an experienced AI and security solutions provider, our DDoS Protection and AI-enabled WAAP solutions integrate natively with Everywhere Inference and GPU Cloud across 210+ global points of presence. That means low latency, high performance, and proven, robust security, no matter where your customers are located.

Talk with our AI security experts and secure your workloads today

Table of contents

Try Gcore Security

Try for free

Related articles

Securing AI from the ground up: defense across the lifecycle

As more AI workloads shift to the edge for lower latency and localized processing, the attack surface expands. Defending a data center is old news. Now, you’re securing distributed training pipelines, mobile inference APIs, and storage environments that may operate independently of centralized infrastructure, especially in edge or federated learning contexts. Every stage introduces unique risks. Each one needs its own defenses.Let’s walk through the key security challenges across each phase of the AI lifecycle, and the hardening strategies that actually work.PhaseTop threatsHardening stepsTrainingData poisoning, leaksValidation, dataset integrity tracking, RBAC, adversarial trainingDevelopmentModel extraction, inversionRate limits, obfuscation, watermarking, penetration testingInferenceAdversarial inputs, spoofed accessInput filtering, endpoint auth, encryption, TEEsStorage and deploymentModel theft, tamperingEncrypted containers, signed builds, MFA, anomaly monitoringTraining: your model is only as good as its dataThe training phase sets the foundation. If the data going in is poisoned, biased, or tampered with, the model will learn all the wrong lessons and carry those flaws into production.Why it mattersData poisoning is subtle. You won’t see a red flag during training logs or a catastrophic failure at launch. These attacks don’t break training, they bend it.A poisoned model may appear functional, but behaves unpredictably, embeds logic triggers, or amplifies harmful bias. The impact is serious later in the AI workflow: compromised outputs, unexpected behavior, or regulatory non-compliance…not due to drift, but due to training-time manipulation.How to protect itValidate datasets with schema checks, label audits, and outlier detection.Version, sign, and hash all training data to verify integrity and trace changes.Apply RBAC and identity-aware proxies (like OPA or SPIFFE) to limit who can alter or inject data.Use adversarial training to improve model robustness against manipulated inputs.Development and testing: guard the logicOnce you’ve got a trained model, the next challenge is protecting the logic itself: what it knows and how it works. The goal here is to make attacks economically unfeasible.Why it mattersModels encode proprietary logic. When exposed via poorly secured APIs or unprotected inference endpoints, they’re vulnerable to:Model inversion: Extracting training dataExtraction: Reconstructing logicMembership inference: Revealing whether a datapoint was in trainingHow to protect itApply rate limits, logging, and anomaly detection to monitor usage patterns.Disable model export by default. Only enable with approval and logging.Use quantization, pruning, or graph obfuscation to reduce extractability.Explore output fingerprinting or watermarking to trace unauthorized use in high-value inference scenarios.Run white-box and black-box adversarial evaluations during testing.Integrate these security checks into your CI/CD pipeline as part of your MLOps workflow.Inference: real-time, real riskInference doesn’t get a free pass because it’s fast. Security needs to be just as real-time as the insights your AI delivers.Why it mattersAdversarial attacks exploit the way models generalize. A single pixel change or word swap can flip the classification.When inference powers fraud detection or autonomous systems, a small change can have a big impact.How to protect itSanitize input using JPEG compression, denoising, or frequency filtering.Train on adversarial examples to improve robustness.Enforce authentication and access control for all inference APIs—no open ports.Encrypt inference traffic with TLS. For added privacy, use trusted execution environments (TEEs).For highly sensitive cases, consider homomorphic encryption or SMPC—strong but compute-intensive solutions.Check out our free white paper on inference optimization.Storage and deployment: don’t let your model leakOnce your model’s trained and tested, you’ve still got to deploy and store it securely—often across multiple locations.Why it mattersUnsecured storage is a goldmine for attackers. With access to the model binary, they can reverse-engineer, clone, or rehost your IP.How to protect itStore models on encrypted volumes or within enclaves.Sign and verify builds before deployment.Enforce MFA, RBAC, and immutable logging on deployment pipelines.Monitor for anomalous access patterns—rate, volume, or source-based.Edge strategy: security that moves with your AIAs AI moves to the edge, centralized security breaks down. You need protection that operates as close to the data as your inference does.That’s why we at Gcore integrate protection into AI workflows from start to finish:WAAP and DDoS mitigation at edge nodes—not just centralized DCs.Encrypted transport (TLS 1.3) and in-node processing reduce exposure.Inline detection of API abuse and L7 attacks with auto-mitigation.180+ global PoPs to maintain consistency across regions.AI security is lifecycle securityNo single firewall, model tweak, or security plugin can secure AI workloads in isolation. You need defense in depth: layered, lifecycle-wide protections that work at the data layer, the API surface, and the edge.Ready to secure your AI stack from data to edge inference?Talk to our AI security experts

How AI is reshaping the future of interactive streaming

Interactive streaming is entering a new era. Artificial intelligence is changing how live content is created, delivered, and experienced. Advances in real-time avatars, voice synthesis, deepfake rendering, and ultra-low-latency delivery are giving rise to new formats and expectations.Viewers don’t want to be passive audiences anymore. They want to interact, influence, and participate. For platforms that want to lead, the stakes are growing: innovate now, or fall behind.At Gcore, we support this shift with global streaming infrastructure built to handle responsive, AI-driven content at scale. This article explores how real-time interactivity is evolving and how you can prepare for what’s next.A new era for live contentStreaming used to mean watching someone else perform. Today, it’s becoming a conversation between the creator and the viewer. AI tools are making live content more reactive and personalized. A cooking show host can take ingredient requests from the audience and generate live recipes. A language tutor can assess student pronunciation and adjust the lesson plan on the spot. These aren’t speculative use cases—they’re already being piloted.Traditional cameras and presenters are no longer required. Some creators now use entirely digital hosts, powered by motion capture and generative AI. They can stream with multiple personas, switch backgrounds on command, or pause for mid-session translations. This evolution is not about replacing humans but creating new ways to engage that scale across time zones, languages, and platforms.Creating virtual influencersVirtual influencers are digital characters designed to build audiences, promote products, and hold conversations with followers. Unlike human influencers, they don’t get tired, change jobs, or need extensive re-shoots when messaging changes. They’re fully programmable, and the most successful ones are backed by teams of writers, animators, and brand strategists.For example, a skincare company might launch a virtual influencer with a consistent tone, recognizable look, and 24/7 availability. This persona could host product tutorials in the morning, respond to DMs during the day, and livestream reactions to customer feedback at night—all in the local language of the audience.These characters are not limited to influencer marketing. A virtual celebrity might appear as a guest at a live product launch or provide commentary during a sports event. The point is consistency, scalability, and control. Gcore’s global delivery network ensures these digital personas perform without delay, wherever the audience is located.Real-time avatars and AI-generated personasReal-time avatars use motion capture and emotion detection to mimic human behavior with digital models. A fitness instructor can appear as a stylized avatar while tracking their own real movements. A virtual talk show host can gesture, smile, or pause in response to viewer comments. These avatars do more than just look the part—they respond dynamically.AI-generated personas build on this foundation with language generation and decision-making. For instance, an edtech company could deploy a digital tutor that asks learners comprehension questions and adapts its tone based on their engagement level. In entertainment, a music artist might perform live as a virtual character that reflects audience mood through color shifts, dance patterns, or facial expression.These experiences require ultra-low latency. If the avatar lags, the illusion collapses. Gcore’s infrastructure supports the real-time input-output loop needed to make digital characters feel present and responsive.Deepfake technology for creative storytellingDeepfakes are often associated with misinformation, but the same tools can be used to build engaging, high-integrity content. The technology enables face-swapping, voice cloning, and character animation, all of which are powerful in live formats.A museum might use deepfake avatars of historical figures for interactive educational sessions. Visitors could ask questions, and Abraham Lincoln or Golda Meir might respond with historically grounded answers in real time. A brand could create a fictional spokesperson who evolves over time, appearing in product demos, ads, and livestreams. Deepfake technology also allows multilingual content without re-recording—the speaker’s lip movements and tone are modified to match each language.These applications raise legitimate ethical questions. Gcore’s streaming infrastructure includes controls to ensure the source and integrity of AI-generated content are traceable and secure. We provide the technical foundation that enables deepfake use cases without compromising trust.Synthetic voices and personalized audioAudio is often overlooked in discussions about AI streaming, but it’s just as important as video. Synthetic voices today can express subtle emotions and match speaking styles. They can whisper, shout, pause for dramatic effect, and even mimic regional accents.Let’s consider a news platform that offers interactive daily briefings. Viewers choose their preferred language, delivery style (casual, serious, humorous), and even the voice profile. The AI generates a personalized broadcast on the fly. In gaming, synthetic characters can offer encouragement, warn about strategy mistakes, or narrate progress—all without human voice actors.Gcore’s streaming infrastructure ensures that synthetic voice outputs are tightly synchronized with video, so users don’t experience out-of-sync dialogue or lag during back-and-forth exchanges.Increasing interactivity through feedback and participationInteractivity in streaming now goes far beyond comments or emoji reactions. It includes live polls that influence story outcomes, branching narratives based on audience behavior, and user-generated content layered into the broadcast.For example, a live talent show might allow viewers to suggest challenges mid-broadcast. An online classroom could let students vote on the next topic. A product launch might include a real-time Q&A where the host pulls questions from chat and answers them in the moment.All of these use cases rely on real-time data processing, behavior tracking, and adaptive rendering. Gcore’s platform handles the underlying complexity so that creators can focus on building experiences, not infrastructure.Why low latency is criticalInteractive content only works if it feels immediate. A delay of even a second can break immersion, especially when users are trying to influence the outcome or receive a response. Low latency is essential for real-time gaming, sports, interviews, and educational formats.A live trivia game with hundreds of participants won’t retain users if there’s a lag between the question appearing and the timer starting. A remote surgery training session won’t work if the avatar’s responses trail behind the mentor’s instructions. In each of these cases, timing is everything.Gcore Video Streaming minimizes buffering, supports high-resolution streams, and synchronizes data flows to keep participants engaged. Our infrastructure is built to support high-throughput, globally distributed audiences with the responsiveness that interactive formats demand.Preparing for what’s nextAI-generated content is no longer a novelty. It’s becoming a standard feature of modern streaming strategies. Whether you’re building a platform that features virtual influencers, immersive avatars, or interactive educational streams, the foundation matters. That foundation is infrastructure.If you’re planning the next generation of live content, we’re ready to help you bring it to life. At Gcore, we provide the performance, scale, and security to launch these experiences with confidence. Our streaming solutions are designed to support real-time content generation, audience interaction, and global delivery without compromise.Want to see interactive streaming in action? Learn how fan.at used Gcore Video Streaming to deliver ultra-low-latency streams and boost fan engagement with real-time features.Read the case study

What are virtual machines?

A virtual machine (VM), also called a virtual instance, is a software-based version of a physical computer. Instead of running directly on hardware, a VM operates inside a program that emulates a complete computer system, including a processor, memory, storage, and network connections. This allows multiple VMs to run on a single physical machine, each with its own operating system and applications, as if they were independent computers.VMS are useful because they provide flexibility, isolation, and scalability. Since each VM is self-contained, it can run different operating systems (like Windows, Linux, or macOS) on the same hardware without affecting other VMs or the host machine. This makes them ideal for testing software, running legacy applications, or efficiently using server resources in data centers. Because VMs exist as software, they can be easily copied, moved, or backed up, making them a powerful tool for both individuals and businesses.Read on to learn about types of VMs, their benefits, common use cases, and how to choose the right VM provider for your needs.How do VMs work?A virtual machine (VM) runs inside a program called a hypervisor, which acts as an intermediary between the VM and the actual computer hardware. Every time a VM needs to perform an action—such as running software, accessing storage, or using the processor—the hypervisor intercepts these requests and decides how to allocate resources like CPU power, memory, and disk space. You can think of a hypervisor as an operating system for VMs, managing multiple virtual machines on a single physical computer. Popular hypervisors like VirtualBox and VMware enable users to run multiple operating systems simultaneously while providing strong isolation.Modern hypervisors optimize performance by giving VMs direct access to certain hardware components when possible, reducing the need for constant intervention. However, some level of overhead remains because the hypervisor still needs to manage and coordinate resources efficiently. This means that while VMs can leverage most of the system’s hardware, they can’t use 100% of it, as some processing power is always reserved for managing virtualization itself. This small trade-off is often worth it, as hypervisors keep each VM isolated and secure, preventing one VM from interfering with another.VM layersFigure 1 illustrates the layers of a system virtual machine setup. The layer model can vary depending on the hypervisor. Some hypervisors include a built-in host operating system, while modern hardware offers native virtualization support. Many hypervisors can also manage multiple physical machines and VMs efficiently.VM snapshots are an essential feature in cloud computing, allowing users to quickly restore a virtual machine to a previous state.Figure 1: Layers of system virtual machinesHypervisors that emulate hardware architectures different from what the guest OS expects have a bigger overhead, as they can’t relay commands directly to the hardware without first translating them.VM snapshotsVM snapshots are an essential feature in cloud computing, allowing users to quickly restore a virtual machine to a previous state. The hypervisor can save the complete state of the VM and restore it at a later time to skip the boot process of the guest OS. The hypervisor can also move these snapshots between different physical machines, making the software running in the VM completely independent from the underlying hardware.What are the benefits of using VMs?Virtual machines offer benefits including resource efficiency, isolation, simplified operations, easy migration, faster deployment, cost savings, and security. Let’s look at these one by one.Multiple VMs can run on a single physical machine, making sharing resources between various guest operating systems easier. This is especially important when each guest OS needs to be isolated from the others, such as when they belong to different customers of a cloud service provider. Sharing resources through VMs makes running a server cheaper because you don’t have to buy or rent a whole physical machine, but only parts of it.Since VMs abstract the underlying hardware, they also improve resilience. If the physical machine fails, the hypervisor can perform a quick recovery by moving the snapshots to another machine without changing the guest OS installations to minimize downtime. This abstraction also allows operations teams to focus their deployment efforts on a standardized VM instead of considering different physical implementations.Migrations become easier with snapshots as you can simply move them to a faster machine without modifying the software running inside the VM.Faster deployments are possible because starting a VM is just a software execution instead of setting up a physical server in a data center. While you had to buy a server or rent it for months, with fast deployments, you can now rent a machine for hours, minutes, or even seconds, which allows for quite some savings.Modern CPUs have built-in virtualization features that enable easy resource sharing and enforce the isolation at the hardware layer. This prevents the services of one VM from accessing the resources of the others, improving security compared to running multiple apps inside one OS.Common use cases for VMsVMs have a range of use cases. Let’s look at the most popular ones.Cloud computingThe most popular use case is cloud computing, where VMs allow the secure sharing of the cloud provider’s resources, enabling their customers to rent only the resources they need for the period their workload will run.Software development and testingSoftware development often requires specific tools and libraries that aren’t available on a production machine, so having a development VM with all these tools preinstalled can be helpful. An example is cloud IDEs, which look and feel like regular IDEs but run on a cloud VM. A developer can have one for each project with the required dev tools installed.VMs also allow a developer to set up a machine for software testing that looks exactly like the production environment. Here, the opposite of the development VM is required; it should not have any development tools installed because they would also be missing from production.Cross-platform developmentA special case of the software development use case is cross-platform development. When you implement an app for Android or iOS, for example, you usually don’t do this on a mobile device but on your computer. With VMs, developers can simulate different hardware environments, enabling cross-platform testing without requiring physical devices.Legacy system supportIf the hardware your application requires is no longer in production, a VM might be the only way to keep running your software without reimplementing it. This is similar to the cross-platform development use case, as the VM emulates different hardware, but the difference is that the hardware no longer exists.How to choose the right VM providerTo find the right provider for your workload, the most important factor to assess is your own workload requirements. Ask the following questions and compare the answers to what providers offer.Is your workload compute or I/O-bound?Many workloads, like web servers, are I/O-bound. They don’t make complex calculations but rather simply load data and send it over the network. If you need a VM for an I/O-bound workload, you care more about disk and memory size, as well as network speed.However, compute-heavy workloads, such as AI inference or Kubernetes clusters, require careful resource allocation. If you’re evaluating whether to run Kubernetes on bare metal or VMs, check out our white paper on Bare Metal vs. VM-based Kubernetes Clusters for an in-depth comparison.If your workload is compute-bound instead, you need a high-performance CPU or a GPU and loads of memory. An AI inference engine, for example, only sends a bit of text to a client, but it does many calculations to generate this text.How long will your workload run?Web servers usually run indefinitely, but some workloads only run a few hours or minutes. If you’re doing AI training, you don’t want to pay for your huge VM cluster 24/7 if it only runs a few hours or days a week. In such cases, looking for a provider that allows renting your desired VM type hourly on a pay-as-you-go model might be worthwhile.Certain cloud providers offer cost-effective spot instances, which provide lower prices for non-critical workloads that can tolerate interruptions. These cheap VMs can get shut down at any time with minimal notice, but if your calculations aren’t time-critical, you might save quite a bit of money here.How does your workload scale?Scaling in the cloud is usually done horizontally. That is, by adding more VMs and distributing the work between them. Workloads can have different requirements for when and how fast they must be added and removed.In the AI training example, you might know in advance that one training takes more resources than the other, so you can provision enough VMs when starting. However, a web server workload might change its requirements constantly. Hence, you need a load balancer that automatically scales the instances up and down depending on the number of clients that want to access your service.Do you handle sensitive data?You might have to comply with specific laws and regulations depending on your jurisdiction(s) and industry. This means you must check whether the cloud provider also complies. How secure are their data centers? Where are they located? Do they support encryption in transit, at rest, and in process?What are your reliability requirements?Reliability is a question of costs and, again, of compliance. You might get into financial or regulatory troubles if your workload can’t run. Cloud providers often boast about their guaranteed uptimes, but remember that 99% uptime a year still means over three days of potential downtime. Check your needs and then seek a provider that can meet them reliably.Do you need customer support?If your organization doesn’t have the know-how for operating VMs in the cloud, you might need technical support from the provider. Most cloud providers are self-service, offering you a GUI and an API to manage resources. If your business lacks the resources to operate VMs, seek out a provider that can manage VMs on your behalf.SummaryVMs are a core technology for cloud computing and software development alike. They enable efficient resource sharing, improve security with hardware-enforced guest isolation, and simplify migration and disaster recovery. Choosing the right VM provider starts with understanding your workload requirements, from resource allocation to security and scalability.Maximize cloud efficiency with Gcore Virtual Machines—engineered for high performance, seamless scalability, and enterprise-grade security at competitive pricing. Whether you need to run workloads at scale or deploy applications in seconds, our VMs provide enterprise-grade security, built-in resilience, and optimized resource allocation, all powered by cutting-edge infrastructure. With global reach, fast provisioning, egress traffic included, and pay-as-you-go pricing, you get the scalability and reliability your business needs without overspending. Start your journey with Gcore VMs today and experience cloud computing that’s built for speed, security, and savings.Discover Gcore VMs

How to deploy DeepSeek 70B with Ollama and a Web UI on Gcore Everywhere Inference

Large language models (LLMs) like DeepSeek 70B are revolutionizing industries by enabling more advanced and dynamic conversational AI solutions. Whether you’re looking to build intelligent customer support systems, enhance content generation, or create data-driven applications, deploying and interacting with LLMs has never been more accessible.In this tutorial, we’ll show you exactly how to set up DeepSeek 70B using Ollama and a Web UI on Gcore Everywhere Inference. By the end, you’ll have a fully functional environment where you can easily interact with your custom LLM via a user-friendly interface. This process involves three simple steps: deploying Ollama, deploying the web UI, and configuring the web UI and connecting to Ollama.Let’s get started!Step 1: Deploy OllamaLog in to Gcore Everywhere Inference and select Deploy Custom Model.In the model image field, enter ollama/ollama.Set the Port to 11434.Under Pod Configuration, configure the following:Select GPU-Optimized.Choose a GPU type, such as 1×A100 or 1×H100.Choose a region (e.g., Luxembourg-3).Set an autoscaling policy or use the default settings.Name your deployment (e.g., ollama).Click Deploy model on the right side of the screen.Once deployed, you’ll have an Ollama endpoint ready to serve your model.Step 2: Deploy the Web UI for OllamaGo back to the Gcore Everywhere Inference console and select Deploy Custom Model again.In the Model Image field, enter ghcr.io/open-webui/open-webui:main.Set the Port to 8080.Under Pod Configuration, set:CPU-Optimized.Choose 4 vCPU / 16 GiB RAM.Select the same region as before (e.g., Luxembourg-3).Configure an autoscaling policy or use the default settings.Name your deployment (e.g., webui).Click Deploy model on the right side of the screen.Once deployed, navigate to the Web UI endpoint from the Gcore Customer Portal.Step 3: Configure the Web UIFrom the Web UI endpoint and set up a username and password when prompted.Log in and navigate to the admin panel.Go to Settings → Connections → Disable the OpenAI API integration.In the Ollama API field, enter the endpoint for your Ollama deployment. You can find this in the Gcore Customer Portal. It will look similar to this: https://<your-ollama-deployment>.ai.gcore.dev/.Click Save to confirm your changes.Step 4: Pull and Use DeepSeek 70BOpen the chat section in the Web UI.In the Select a model field, type deepseek-r1:70b.Click Pull to download the model. Wait for the download to complete.Once downloaded, select the model and start chatting!Your AI environment is ready to exploreBy following these steps, you’ve successfully deployed DeepSeek 70B on Gcore Everywhere Inference with Ollama. This setup provides a powerful and user-friendly environment for experimenting with LLMs, prototyping AI-driven features, or integrating advanced conversational AI into your applications.Ready to unlock the full potential of AI? Gcore Everywhere Inference offers outstanding scalability, performance, and support, making it the perfect solution for developers and businesses working with advanced AI models. Dive deeper into our powerful tools and resources by exploring our AI blog and docs.Discover Gcore Everywhere Inference

What is AI inference and how does it work?

Artificial intelligence (AI) inference is what happens when a trained AI model is used to predict outcomes from new, unseen data. While training focuses on learning from historical datasets, inference is about putting that learned knowledge into action—such as identifying production bottlenecks before they happen, converting speech to text, or guiding self-driving cars in real time. This article walks you through the basics of AI inference and shows how to get started.What is AI inference?AI inference is the application phase of artificial intelligence. Once a model has been trained on large datasets, it shifts from “learning mode” to “doing mode”—providing predictions or decisions from new data inputs.For example, an e-commerce platform with a model trained on purchasing behavior uses inference to personalize recommendations for each site visitor. Without re-training from scratch, the model quickly adapts to new browsing patterns and purchasing signals, offering instant, relevant suggestions.By enabling actionable insights, inference is transforming how businesses and technologies function, empowering relevance and instant responsiveness in an increasingly data-driven world.How does AI inference work? A practical guideAI inference has four steps: data preparation, model loading, processing and prediction, and output generation.#1 Data preparationThe first step involves transforming raw input—such as text, images, or numerical data—into a format that the AI model can process. For instance, customer feedback might be converted into numerical representations of words and patterns, or an image could be resized and normalized. Proper data preparation ensures that the AI model can effectively understand and analyze the input. For businesses, this means making sure that input data is clean, well-structured, and formatted according to the model’s requirements.#2 Model loadingOnce the input data is ready, the trained AI model is loaded into memory. This model, equipped with patterns and relationships learned during training, acts as the foundation for predictions and decisions.Businesses must make sure that their infrastructure is capable of quickly loading and deploying AI models, especially during high-demand periods. We simplify this process by providing a high-performance platform with global scalability. Your models are loaded and operational in seconds, whether you’re using a custom model or an open-source one.#3 Processing and predictionIn this step, the prepared data is passed through the model’s neural networks, which apply learned patterns to generate insights or predictions. For example, a customer service AI might analyze incoming messages to determine if they express satisfaction or frustration.The speed and accuracy of this stage depend on access to low-latency infrastructure capable of handling complex calculations. Our edge inference solution means data processing happens close to the source, reducing latency and enabling real-time decision making.#4 Output generationThe final stage translates the model’s mathematical outputs into meaningful insights, such as predictions, labels, or recommendations. These outputs must be integrated into business workflows or customer-facing applications in a way that’s easy to understand and actionable.We help streamline this step by offering APIs and integration tools that allow businesses to seamlessly incorporate inference results into their operations, so outputs are accessible and actionable in real time.A real-life exampleLet’s look at how this works in practice. Consider a retail business implementing AI for inventory management. The system continuously:Receives data from point-of-sale systems and warehouse scannersProcesses this information through trained AI modelsGenerates predictions about future inventory needsAdjusts order quantities and timing automaticallyAll of this happens in milliseconds, making real-time decisions possible. However, the speed and efficiency depend on choosing the right infrastructure for your needs.The technology stack behind inferenceTo make this process work smoothly, specialized computing infrastructure and software need to work together.Computing infrastructureModern AI inference relies on specialized hardware designed to process mathematical operations quickly. While training AI models often requires expensive, high-powered graphics processors (GPUs), inference can run on more cost-effective hardware options:CPUs: Suitable for smaller-scale applicationsEdge devices: For processing data locally on smartphones or IoT devices or other hardware closer to the data source, resulting in low latency and better privacy.Cloud-based inference servers: Designed for handling large-scale operations, enabling centralized processing and flexible scaling.When evaluating computing infrastructure for AI, businesses should prioritize solutions that address latency, scalability, and ease of use. Edge inference capabilities are essential for deploying models closer to end users, which optimizes performance globally even during peak demand. Flexible access to diverse hardware options like GPUs, CPUs, and advanced accelerators ensures adaptability, while user-friendly tools and automated scaling enable seamless management and consistent performance.Software optimizationThe efficiency of inference depends heavily on software optimization. When done right, software optimization ensures that AI applications are fast, responsive, and scalable, making them practical for real-world use.Look for the following to identify a solution that reduces inference processing time and supports optimized results:Model compression and optimization: The computational load is reduced and inference occurs faster—without sacrificing accuracy.Workload distribution and automation: This means that resources are allocated efficiently and cost-effectively.Integration: Look for APIs and tools that connect seamlessly with existing business systems.The future of AI inferenceWe anticipate three major trends for the future of AI inference.First, we’re seeing a dramatic shift toward specialized AI accelerators and custom silicon. New chips are being developed and existing ones optimized specifically for inference workloads. These purpose-built processors are delivering significant improvements in both performance and energy efficiency compared to traditional GPUs. This specialization is making AI inference more cost-effective and environmentally sustainable, particularly for companies running large-scale operations.The second major trend is the emergence of lightweight, efficient models designed specifically for inference. While large language models like GPT-4 showcase the potential of AI, many businesses are finding that smaller, task-specific models can deliver comparable or better results for their particular needs. These “small language models” (SLMs) and domain-adapted models are trained on focused datasets and optimized for specific tasks, making them more practical for real-world deployment. This approach is particularly valuable for edge computing scenarios where computing resources are limited.Finally, the infrastructure for AI inference is becoming more sophisticated and accessible. Advanced orchestration tools are automating the complex process of model deployment, scaling, and monitoring. These platforms can automatically optimize model performance based on factors like latency requirements, cost constraints, and traffic patterns. This automation is making it possible for companies to deploy AI solutions without maintaining large specialized teams of ML engineers.Dive into more of our predictions for AI inference in 2025 and beyond in our dedicated article.Accelerate inference adoption for your businessAI inference is rapidly becoming a differentiator for businesses. By applying trained AI models to new data, companies can make instant predictions, automate decision-making, and optimize operations across industries. However, achieving these benefits depends on having the right infrastructure and expertise behind the scenes. This is where the choice of inference provider plays a critical role. The provider’s infrastructure determines latency, scalability, and overall efficiency, which directly affect business outcomes. A well-equipped provider allows businesses to maximize the value of their AI investments.At Gcore, we are uniquely positioned to meet these needs with our edge inference solution. Leveraging a secure, global network of over 180 points of presence equipped with NVIDIA GPUs, we deliver ultra-fast, low-latency inference capabilities. Intuitively deploy and scale open-source or custom models on our powerful platform that accelerates AI adoption for a competitive edge in an increasingly AI-driven world.Get a complimentary consultation about your AI inference needs

AI model selection simplified: your guide to Gcore-supported model selection

2024 has been an exceptional year for advancements in artificial intelligence (AI). The variety of models has grown significantly, with impressive strides in performance across domains. Whether it’s text or image classification, text and image generation, speech models, or multimodal capabilities, businesses now face the challenge of navigating an ever-expanding catalog of open-source models. Understanding the differences in tasks and metrics targeted by these models is crucial to making informed decisions.At Gcore, we’ve been expanding our model catalog to simplify AI model testing and deployment. As businesses scale their AI applications across various units, identifying the best model for specific tasks becomes critical. For example, some applications, like cancer screening, prioritize accuracy over latency. On the other hand, time-sensitive use cases like fraud detection demand rapid processing, while cost may drive decisions for lightweight applications like chatbot development.This guide provides a comprehensive overview of the AI models supported on the Gcore platform, their characteristics, and their most effective use cases to help you choose the right model for your needs. Our inference solution also supports custom AI models.Large language models (LLMs)LLMs are foundational for applications requiring human-like understanding and generation of text, making them crucial for customer service, research, and educational tools. These models are versatile and cover a range of applications:Text generation (e.g., creative writing, content creation)SummarizationQuestion answeringInstruction following (specific to instruct-tuned models)Sentiment analysisTranslationCode generation and debugging (if fine-tuned for programming tasks)Models supported by GcoreGcore supports the following models for inference, available in the Gcore Customer Portal. Activate them at the click of a button.Model nameProviderParametersKey characteristicsLLaMA-Pro-8BMeta AI8 BillionBalanced trade-off between cost and power, suitable for real-time applications.Llama-3.2-1B-InstructMeta AI1 BillionIdeal for lightweight tasks with minimal computational needs.Llama-3.2-3B-InstructMeta AI3 BillionOffers lower latency for moderate task complexity.Llama-3.1-8B-InstructMeta AI8 BillionOptimized for instruction following.Mistral-7B-Instruct-v0.3Mistral AI7 BillionExcellent for nuanced instruction-based responses.Mistral-Nemo-Instruct-2407Mistral AI & Nvidia7 BillionHigh efficiency with robust instruction-following capabilities.Qwen2.5-7B-InstructQwen7 BillionExcels in multilingual tasks and general-purpose applications.QwQ-32B-PreviewQwen32 BillionSuited for complex, multi-turn conversations and strategic decision-making.Marco-o1AIDC-AI1-5 Billion (est.)Designed for structured and open-ended problem-solving tasks.Business applicationsLLMs play a pivotal role in various business scenarios; choosing the right model will be primarily influenced by task complexity. For lightweight tasks like chatbot development and FAQ automation, models like Llama-3.2-1B-Instruct are highly effective. Medium complexity tasks, including document summarization and multilingual sentiment analysis, can leverage models like Llama-3.2-3B-Instruct and Qwen2.5-7B-Instruct. For high-performance needs like real-time customer service or healthcare diagnostics, models like LLaMA-Pro-8B and Mistral-Nemo-Instruct-2407 provide robust solutions. Complex, large-scale applications, like market forecasting and legal document synthesis, are ideally suited for advanced models like QwQ-32B-Preview. Additionally, specialized solutions for niche industries can benefit from Marco-o1’s unique capabilities.Image generationImage generation models empower industries like entertainment, advertising, and e-commerce to create engaging content that captures the audience’s attention. These models excel in producing creative and high-quality visuals. Key tasks include:Generating photorealistic imagesArtistic rendering (e.g., illustrations, concept art)Image enhancement (e.g., super-resolution, inpainting)Marketing and branding visualsModels supported by GcoreWe currently support six models via the Gcore Customer Portal, or you can bring your own image generation model to our inference platform.Model nameProviderParametersKey characteristicsByteDance/SDXL-LightningByteDance100-400 MillionLightning-fast text-to-image generation with 1024px outputs.stable-cascadeStability AI20M-3.6 BillionWorks on smaller latent spaces for faster and cheaper inference.stable-diffusion-xlStability AI~3.5B Base + 1.2B RefinementPhotorealistic outputs with detailed composition.stable-diffusion-3.5-large-turboStability AI8 BillionBalances high-quality outputs with faster inference.FLUX.1-schnellBlack Forest Labs12 BillionDesigned for fast, local development.FLUX.1-devBlack Forest Labs12 BillionOpen-weight model for non-commercial applications.Business applicationsIn high-quality image generation, models like stable-diffusion-xl and stable-cascade are commonly employed for creating marketing visuals, concept art for gaming, and detailed e-commerce product visualizations. Real-time applications, such as AR/VR customizations and interactive customer tools, benefit from the speed of ByteDance/SDXL-Lightning and FLUX.1-schnell. FLUX.1-dev and stable-diffusion-3.5-large-turbo are excellent options for experimentation and development, allowing startups and enterprises to prototype generative AI workflows cost-effectively. Specialized use cases, such as ultra-high-quality visuals for luxury goods or architectural renders, also find tailored solutions with stable-cascade.Speech recognitionSpeech recognition models are essential for industries like media, healthcare, and education, where transcription accuracy and speed directly impact their efficacy. They facilitate:Accurate speech-to-text transcriptionLow-latency live audio conversionMultilingual speech processing and translationAutomated note-taking and content creationModels supported by GcoreAt Gcore, our inference service supports two Whisper models, as well as custom speech recognition models.Model nameProviderParametersKey characteristicswhisper-large-v3-turboOpenAI809 MillionOptimized for speed with minimal accuracy trade-offs.whisper-large-v3OpenAI1.55 BillionHigh-quality multilingual speech-to-text and translation with reduced error rates.Business applicationsSpeech recognition technology supports a wide range of business functions, all requiring precision and accuracy, delivered at speed. For real-time transcription, whisper-large-v3-turbo is ideal for live captioning and speech analytics applications. High-accuracy tasks, including legal transcription, academic research, and multilingual content localization, leverage the advanced capabilities of whisper-large-v3. These models enable faster, more accurate workflows in sectors where precise audio-to-text conversion is crucial.Multimodal modelsBy bridging text, image, and other data modalities, multimodel models unlock innovative solutions for industries requiring complex data analysis. These models integrate diverse data types for applications in:Image captioningVisual question answeringMultilingual document processingRobotic visionModels supported by GcoreWe currently support the following multimodal models:Model nameProviderParametersKey characteristicsPixtral-12B-2409Mistral AI12 BillionExcels in instruction-following tasks with text and image integration.Qwen2-VL-7B-InstructQwen7 BillionAdvanced visual understanding and multilingual support.Business applicationsFor tasks like image captioning and visual question answering, Pixtral-12B-2409 provides robust capabilities in generating descriptive text and answering questions based on visual content. Qwen2-VL-7B-Instruct supports document analysis and robotic vision, enabling systems to extract insights from documents or understand their physical surroundings. These applications are transformative for industries ranging from digital media to robotics.A multitude of models, supported by GcoreStart developing on the Gcore platform today, leveraging top-tier GPUs for seamless AI model training and deployment. Simplify large-scale, cross-regional AI operations with our inference-at-the-edge solutions, backed by over a decade of CDN expertise.Get started with Inference at the Edge today

Subscribe to our newsletter

Get the latest industry trends, exclusive insights, and Gcore updates delivered straight to your inbox.

Subscribe