Exposure management company Tenable has released AI Aware, a security solution that provides clients with insights into AI applications, libraries and plugins so that they can confidently expose and close AI risk, without inhibiting business operations.
AI Aware’s advanced detection capabilities can rapidly surface artificial intelligence solutions, vulnerabilities and weaknesses, and is available via the Tenable Vulnerability Management platform.
Tenable says the rapid development and adoption of AI technologies in the past two years has introduced major cybersecurity and compliance risks that organisations must proactively address without established best practices. As a result, cybersecurity teams face significant AI-related challenges, such as vulnerability detection and remediation, containing data leakage and reining in unauthorised AI use.
According to recent Tenable research, more than one-third of security teams are finding usage of AI applications in their environment that might not have been provisioned via formal processes.
During a 75-day period between late June and early September, Tenable found over nine million instances of AI applications on more than one million hosts. The cybersecurity risk of unfettered AI usage is compounded by the increasing volume of AI vulnerabilities. Tenable Research has found and disclosed several vulnerabilities in AI solutions, including in Microsoft Copilot, Flowise, Langflow, among others.
With AI Aware, Tenable boosts proactive security for AI solutions. Tenable AI Aware uniquely leverages agents, passive network monitoring, dynamic application security testing and distributed scan engines to detect approved and unapproved AI software, libraries and browser plugins, along with associated vulnerabilities, thereby mitigating risks of exploitation, data leakage and unauthorised resource consumption. The combined depth of these multiple assessment methods delivers the most complete detection of AI in the modern ecosystem.
“In an effort to keep pace with the sea change introduced by AI, organisations worldwide ran full speed ahead, potentially bypassing countless cybersecurity, privacy and compliance red flags,” said Tenable’s Chief Product Officer Shai Mora. “Perhaps more so than with any other new technology we’ve seen, there are many risk factors to consider, especially with rushed development and deployment. Tenable AI Aware empowers organisations to deploy AI confidently, ensuring their security measures keep pace with the rapid evolution of AI technologies.”
In addition to AI software and vulnerability detection, key AI Aware features available in Tenable Vulnerability Management, Tenable Security Center, and Tenable One include:
-
Dashboard views that provide a snapshot of the most common AI software discovered in the ecosystem, top assets with vulnerabilities related to AI and the most common communication ports leveraged by AI technologies.
-
Shadow software development detection that illuminate the unexpected existence of the building blocks of AI development in the environment, enabling businesses to align initiatives with organisational best practices.
-
Filtering of findings for AI detections that enable teams to focus on AI-related findings when reviewing vulnerability assessment results. Combined with the power of Tenable Vulnerability Prioritisation Rating (VPR), teams can effectively assess and prioritise vulnerabilities introduced by AI packages and libraries.
-
Asset-centric AI-inventory provides a complete inventory of AI-related packages, libraries and browser plugins while reviewing the detailed profile of assets.