SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

SentinelOne unveils AI security management capabilities

Fri, 22nd Nov 2024

SentinelOne has announced new artificial intelligence (AI) security posture management capabilities.

The new AI security posture management (AI-SPM) features are designed to protect and secure AI services used within workplaces, leveraging SentinelOne's Singularity cybersecurity platform. This addition aims to broaden the Singularity Cloud Security portfolio by providing customers with enhanced visibility and protection over both recognised and unregulated AI cloud services operating in their environments.

SentinelOne's AI-SPM will assist security teams in identifying all AI applications and models in use, spotting AI service misconfigurations and vulnerabilities, and gaining insight into potential attack vectors linked to AI workloads. These capabilities are intended to allow organisations to harness the potential productivity and competitive advantages of AI while addressing associated security, privacy, and regulatory compliance risks in cloud-based AI environments.

Initial access to these features is currently available for SentinelOne customers, with general rollout anticipated in early 2025.

Research conducted in May 2024 by McKinsey indicated a significant rise in the adoption of generative AI, with 65% of organisations implementing it in at least one business function. This is a considerable increase from 33% in 2023, with half of these organisations employing generative AI across several functions. Major cloud providers such as Amazon Web Services, Google Cloud, and Microsoft Azure have facilitated the development and deployment of generative AI applications, responding to this growing demand.

"The power and benefits of generative AI are undeniable," stated Ely Kahn, Vice President of Product Management at SentinelOne. "Yet, the very tools and cloud services that simplify and accelerate GenAI adoption are simultaneously opening up a brand new attack surface and potential regulatory risk. With AI-SPM, we're empowering customers to unleash the distinct advantages of GenAI, while giving security teams the visibility, insight, and tools needed to protect the sensitive data behind these powerful cloud applications."

This AI-SPM solution within the Singularity Cloud Security portfolio extends the current CNAPP functionalities of the Singularity platform, introducing several new capabilities.

The solution enables the discovery and visibility of both known and unnoticed AI pipelines and models. AI-SPM identifies AI services, as well as training, deployed models, and pipelines from cloud services like AWS (Amazon SageMaker, Amazon Bedrock), Google Cloud (Google Vertex AI), and Microsoft Azure (Microsoft Azure OpenAI).

It also facilitates the detection and rectification of vulnerabilities and misconfigurations within AI infrastructure, providing insights to prevent accidental data exposure that could result in data breaches and unauthorised access to models and services.

Additionally, AI-SPM includes a graph explorer feature to visualise potential attack paths associated with AI-based workload alerts. This visualisation feature showcases how a potential adversary might navigate through a customer's environment, possibly moving laterally to gain access to critical resources.

The solution addresses compliance risks by focusing on data policies that align with organisational compliance and risk benchmarks, contributing to assessments against standards like the EU AI Act and NIST's Artificial Intelligence Risk Management framework.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X