Tenable has introduced AI Aware, an advanced detection feature that quickly identifies artificial intelligence solutions, vulnerabilities, and weaknesses in Tenable Vulnerability Management.
Tenable AI Aware gives insight into AI applications, libraries, and plugins. This helps organizations confidently identify and address AI risk without disrupting business operations.
Recent Tenable Research shows that more than one-third of security teams have found AI applications in their systems that were not officially approved. Over 75 days, it discovered over 9 million instances of AI applications on more than 1 million hosts. The cybersecurity risk of unchecked AI use is worsened by the growing number of AI vulnerabilities. It has identified and reported several vulnerabilities in AI solutions, including in Microsoft Copilot, Flowise, Langflow, and others.
Tenable’s AI Aware is designed to enhance security for AI solutions. By utilizing various methods including agents, passive network monitoring, dynamic application security testing, and distributed scan engines, Tenable AI Aware can identify both approved and unapproved AI software, libraries, and browser plugins, along with their associated vulnerabilities. This comprehensive approach helps reduce the risks of exploitation, data leakage, and unauthorized resource consumption.
“Perhaps more so than with any other new technology we’ve seen, there are many risk factors to consider, especially with rushed development and deployment. Tenable AI Aware empowers organizations to deploy AI confidently, ensuring their security measures keep pace with the rapid evolution of AI technologies,” said Shai Morag, chief product officer, Tenable.
In addition to AI software and vulnerability detection, key AI Aware features available in Tenable Vulnerability Management, Tenable Security Center and Tenable One include:
- Dashboard Views provide a snapshot of the most common AI software discovered in the ecosystem, top assets with vulnerabilities related to AI, and the most common communication ports leveraged by AI technologies.
- Shadow Software Development Detection illuminates the unexpected existence of the building blocks of AI development in the environment, enabling businesses to align initiatives with organizational best practices.
- Filter Findings for AI Detections enable teams to focus on AI-related findings when reviewing vulnerability assessment results. Combined with the power of Tenable Vulnerability Prioritization Rating (VPR), teams can effectively assess and prioritize vulnerabilities introduced by AI packages and libraries.
- Asset-Centric AI-Inventory provides a complete inventory of AI-related packages, libraries, and browser plugins while reviewing the detailed profile of an asset.
More information on Tenable AI Aware is available at: https://www.tenable.com/products/vulnerability-management/ai-aware
Leave a comment