SentinelOne has introduced new AI security posture management (AI-SPM) capabilities to safeguard and secure AI services utilized in the workplace. This latest offering, built on SentinelOne’s Singularity cybersecurity platform, will enhance the existing Singularity Cloud Security portfolio, providing customers with visibility and protection over both known and shadow AI cloud services operating within their environment.
The AI-SPM from SentinelOne aims to assist security teams in identifying the complete inventory of AI applications and models being used, detecting and addressing AI service misconfigurations and vulnerabilities, and gaining insights into potential attack paths linked to AI workloads. By doing so, organizations can leverage the productivity benefits and competitive advantages of AI while mitigating security risks, ensuring data privacy, and complying with regulatory standards associated with cloud-based AI applications and models.
Priority access to the AI-SPM solution is currently available for SentinelOne customers, with general availability expected in early 2025.
A recent global survey conducted by McKinsey in May 2024 revealed that 65 percent of organizations were utilizing generative AI in at least one business function, showcasing a significant increase from 33 percent in the previous year. Additionally, 50 percent of organizations had extended the use of generative AI across multiple functions within their operations. As the demand for AI continues to grow, leading public cloud service providers such as Amazon Web Services, Google Cloud, and Microsoft Azure have facilitated the development, training, and hosting of generative AI applications in the cloud.
Ely Kahn, the VP of Product Management at SentinelOne, emphasized the importance of balancing the advantages of generative AI with the associated cybersecurity challenges and regulatory risks. With the introduction of AI-SPM, SentinelOne aims to empower customers to harness the benefits of generative AI while equipping security teams with the necessary tools and visibility to safeguard sensitive data processed by cloud-based AI applications.
As a component of SentinelOne’s Singularity Cloud Security portfolio, AI-SPM offers several key capabilities, including:
1. Discovery and visibility into known and shadow AI pipelines and models: The AI-SPM solution uncovers all AI services, training, deployed models, and pipelines from cloud services such as AWS (Amazon SageMaker and Amazon Bedrock), Google Cloud (Google Vertex AI), and Microsoft Azure (Microsoft Azure OpenAI).
2. Detection and identification of vulnerabilities and misconfigurations in AI infrastructure: AI-SPM provides insights into any misconfigurations within AI services to prevent inadvertent exposure that could potentially result in data breaches and unauthorized access to AI models and services.
3. Visualization and analysis of potential attack paths: The graph explorer feature in SentinelOne’s AI-SPM visually represents attack paths associated with AI-based workload alerts, demonstrating how an adversary could navigate the customer’s environment and potentially gain access to critical resources.
4. Management and mitigation of compliance risks: Focus on data policies that align with company-level compliance standards and risk assessments against regulatory frameworks such as the EU AI Act and NIST’s Artificial Intelligence Risk Management guidelines.
In conclusion, SentinelOne’s AI-SPM solution represents a significant advancement in enhancing the security posture of AI services within organizations, enabling them to embrace the benefits of AI while safeguarding against potential cybersecurity threats and regulatory compliance issues. This proactive approach underscores the importance of proactive AI security management in today’s increasingly digital and AI-driven workplaces.