SentinelOne announced
new AI security posture management (AI-SPM) capabilities to protect and
secure the use of AI services in the workplace. Built on SentinelOne's
market-leading
Singularity cybersecurity platform, the new offering will expand SentinelOne's top-rated Singularity Cloud Security portfolio
to give customers visibility into - and protection over - both known
and shadow AI cloud services running in their environment. SentinelOne's
AI-SPM will help security teams discover the entire inventory of AI
applications and models being used, detect and pinpoint AI service
misconfigurations and vulnerabilities, and gain visibility into
potential attack paths related to AI workloads. As a result,
organizations can confidently embrace AI's transformative productivity
benefits and competitive advantages while mitigating the security,
privacy, and regulatory compliance risks inherent in cloud-based AI
applications and models.
Early adopter access is available now for SentinelOne customers, with general availability expected in early 2025.
In May 2024, a global McKinsey survey found
that 65 percent of organizations were using generative AI in at least
one business function - up nearly double from 33 percent in 2023 - and
50 percent were already using generative AI across multiple functions.
To meet this demand, all major public cloud service providers, including
Amazon Web Services, Google Cloud, and Microsoft Azure, have introduced
simple ways to build, train, and host generative AI applications in the
cloud.
"The power and benefits of generative AI are undeniable. Yet, the very
tools and cloud services that simplify and accelerate GenAI adoption are
simultaneously opening up a brand new attack surface and potential
regulatory risk," said Ely Kahn, Vice President of Product Management at
SentinelOne. "With AI-SPM, we're empowering customers to unleash the
distinct advantages of GenAI, while giving security teams the
visibility, insight, and tools needed to protect the sensitive data
behind these powerful cloud applications."
A new solution within SentinelOne's Singularity Cloud Security
portfolio, AI-SPM builds on the comprehensive CNAPP capabilities in the
Singularity platform by introducing the ability to:
-
Discover and gain visibility into known and shadow AI pipelines and models
- SentinelOne's AI-SPM discovers all the AI services, training,
deployed models, and pipelines from cloud services like AWS (Amazon
SageMaker and Amazon Bedrock), Google Cloud (Google Vertex AI) and
Microsoft Azure (Microsoft Azure OpenAI).
-
Detect and identify vulnerabilities and misconfigurations in AI infrastructure
- SentinelOne's AI-SPM provides insights into any misconfigurations in
AI services to protect against inadvertent exposure that could lead to
possible data exfiltration and unauthorized access to AI models and
services.
-
Visualize and analyze potential attack paths - SentinelOne's
graph explorer visualizes attack paths related to AI-based workload
alerts to showcase graphically how an adversary could traverse the
customer's environment and potentially move laterally to gain access to
resources.
-
Manage and mitigate compliance risks - Focus on data
policies that contribute to company-level compliance and risk baselines
as part of a greater assessment against regulatory standards like the EU
AI Act and NIST's Artificial Intelligence Risk Management framework.