SentinelOne today announced new AI Security Posture Management (AI-SPM) capabilities to protect and secure the use of AI services in the workplace. Built on SentinelOne Singularity cybersecurity platform, the new offering will expand SentinelOne’s offering Singularity Cloud Security Wallet to give customers visibility and protection into known and shadow AI cloud services running in their environment.
SentinelOne’s AI-SPM will help security teams discover the complete inventory of applications and AI models in use, detect and identify misconfigurations and vulnerabilities of AI services, and gain visibility into potential attack paths related to AI workloads. As a result, organizations can confidently enjoy the transformative productivity benefits and competitive advantages of AI while mitigating the security, privacy, and regulatory compliance risks inherent in cloud-based AI applications and models.
Early adopter access is now available to SentinelOne customers, with general availability expected in early 2025.
In May 2024, a global McKinsey survey found that 65% of organizations were using generative AI in at least one business function (nearly double from 33% in 2023) and 50% were already using generative AI across multiple functions. To meet this demand, all major public cloud service providers, including Amazon Web Services, Google Cloud, and Microsoft Azure, have introduced easy ways to build, train, and host generative AI applications in the cloud.
“The power and benefits of generative AI are undeniable. Yet cloud tools and services that simplify and accelerate GenAI adoption simultaneously open up a whole new attack surface and potential regulatory risk,” said Ely Kahn, vice president of product management at SentinelOne. “With AI-SPM, we enable our customers to leverage the distinct benefits of GenAI while providing security teams with the visibility, insights and tools needed to protect the sensitive data behind these powerful cloud applications. »
A new solution within SentinelOne’s Singularity Cloud Security portfolio, AI-SPM builds on the comprehensive CNAPP capabilities of the Singularity platform by introducing the ability to:
- Discover and gain visibility into known and phantom AI pipelines and models: SentinelOne’s AI-SPM discovers all AI services, training, deployed models, and pipelines from cloud services such as AWS (Amazon SageMaker and Amazon Bedrock), Google Cloud (Google Vertex AI), and Microsoft Azure (Microsoft Azure OpenAI).
- Detect and identify vulnerabilities and misconfigurations in AI infrastructure: SentinelOne’s AI-SPM provides insights into any misconfiguration of AI services to protect against accidental exposure that could lead to possible data exfiltration and unauthorized access to AI models and services.
- Visualize and analyze potential attack paths: SentinelOne’s graphical explorer visualizes attack paths related to AI-driven workload alerts to graphically show how an adversary could traverse the customer’s environment and potentially move laterally to access resources.
- Manage and mitigate non-compliance risks: Focus on data policies that contribute to compliance and baseline risk levels at the enterprise level as part of a deeper assessment against regulatory standards such as the EU Data Protection Act. AI and the NIST Artificial Intelligence Risk Management Framework.