AI Aware represents a proactive approach to securing AI solutions.
Tenable, a global provider of exposure management, has launched AI Aware, a new set of advanced detection capabilities to address vulnerabilities within artificial intelligence (AI) solutions. Integrated into Tenable Vulnerability Management, AI Aware offers exposure insights into AI applications, libraries, and plugins, helping organisations mitigate AI risks without disrupting their operations.
Cybersecurity threats and compliance risks have surged with the rapid development and widespread adoption of AI technologies over the past two years. Many organisations have struggled to manage these risks due to lacking established best practices for handling AI. As a result, security teams face significant challenges, including detecting vulnerabilities, managing data leakage, and curbing unauthorised AI usage.
Tenable Research recently highlighted the scale of the issue. In 75 days from late June to early September, over 9 million instances of AI applications were found across more than 1 million hosts. Alarmingly, over a third of security teams discovered unauthorised AI applications within their environments.
The growing volume of AI-related vulnerabilities only adds to this risk, with Tenable disclosing several critical weaknesses in popular AI solutions such as Microsoft Copilot, Flowise, and Langflow.
AI Aware represents a proactive approach to securing AI solutions. By leveraging a combination of agents, passive network monitoring, dynamic application security testing, and distributed scan engines, AI Aware identifies both approved and unapproved AI software, associated libraries, and browser plugins. This comprehensive detection system reduces the risk of exploitation, data breaches, and unauthorised resource consumption.
“In the race to integrate AI into business operations, many organisations have overlooked crucial cybersecurity, privacy, and compliance concerns,” commented Shai Morag, Chief Product Officer at Tenable. “AI introduces a range of new risks, particularly when developed and deployed hastily. With AI Aware, we aim to empower organisations to implement AI securely, keeping pace with the rapid evolution of these technologies.”
Key Features of AI Aware:
- Dashboard Views: This provides an overview of the most common AI software detected, the top assets with AI-related vulnerabilities, and the primary communication ports used by AI technologies.
- Shadow Software Development Detection: This tool identifies unauthorised AI development tools and frameworks, enabling organisations to ensure compliance with internal best practices.
- AI-Specific Filters: Allows security teams to focus specifically on AI-related vulnerabilities during vulnerability assessments, using Tenable’s Vulnerability Prioritisation Rating (VPR) to assess and prioritise risks effectively.
- Asset-Centric AI Inventory: Offers a detailed inventory of AI packages, libraries, and plugins, with in-depth profiles of each asset in the system.
Tenable AI Aware is now available through Tenable Vulnerability Management, Tenable Security Centre, and Tenable One. It provides organisations the tools to detect, assess, and manage AI-related risks in an increasingly AI-driven digital landscape.