2024-8-7 01:0:0 Author: www.tenable.com(查看原文) 阅读量:10 收藏
As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment is a first step. Read on to learn what we found about AI application-usage in the real world when we analyzed anonymized telemetry data from scans using Tenable’s products.
Here’s a common scenario in enterprises today: Under the CISO’s guidance, the security team has set up rigorous processes to review and approve all artificial intelligence (AI) applications before they are deployed. An AI governance board and data review council have been established to ensure compliance with internal InfoSec policies. By all accounts, AI is being leveraged in a completely controlled manner on the hosts that are regularly monitored and patched.
Or is it?
A recent analysis of Tenable’s anonymized telemetry data shows that many security teams are finding usage of AI applications in their environment that might not have been provisioned via formal processes.
In other words, despite establishing formal policies and detailed procedures for deploying AI securely, many enterprises are discovering that their employees have taken a free hand with AI, creating a shadow IT problem.
What our telemetry data shows
Unquestionably, AI represents a great opportunity for organizations to improve and transform their operations, so it’s not surprising that the world is abuzz with the promise of AI. This technology is more pervasive than we could have ever imagined two years ago, and AI is everywhere – think of ChatGPT, Grammarly, H2O, Ollama and many others.
Over a recent 30-day period, Tenable scans found 1.7 million instances of AI applications on more than 287,000 hosts. Over 33% of customers that scanned using detections for AI applications found them in their environment. This is according to anonymized telemetry data from customers that agreed to share it with Tenable.
Because the data is anonymized and aggregated, it is not feasible to know the exact percentage of applications that were unapproved. However, even in cases where only a minority of the applications found were unapproved, their detection would have been critically important. That’s because AI applications that are unmanaged and unsecured represent a major risk.
Obtaining a complete inventory of all your AI applications – approved and unapproved – gives you the visibility you need to protect your attack surface. Such an inventory also allows you to make sure that approved AI applications are being used properly and only by their authorized users.
Benchmarking
Let's take a look at the top geographies
In terms of the raw number of times these AI plugins triggered detections, the Americas lead the way, followed by Europe, the Middle East and Africa (EMEA) and then Asia-Pacific (APAC.) However, EMEA ranked first with 22% of AI-related scans resulting in a detection while in APAC it was about 5% and the Americas at 18%. Our recommendation is to scan your environment regularly with the Tenable AI scan template because the percentages above denote a likely probability of detection of an AI application in your environment.
AI usage by industry
Retail leads the way by a big margin followed by the Technology and Telecommunications sectors.
This chart shows a vertical-industry breakdown of triggers of Tenable’s AI plugins.
AI usage by size of organization
As expected, the number of detections vary depending on the size of the organization. Small organizations can easily see up to 100 detections a day while the very large ones are seeing 30,000-plus detections a day for AI applications.
AI browser plugins
There are hundreds of browser plugins leveraging AI. The most popular ones are:
| App | Raw counts in Tenable scans |
|---|---|
| Grammarly: AI writing and grammar-checker App | 6,781,023 |
| LanguageTool: AI grammar-checker and paraphraser | 1,726,138 |
| Magical: AI writer and autofill text expander | 534,502 |
| Scribe: AI documentation, SOPs and screenshots | 284,470 |
| QuillBot: AI writing and grammar-checker Tool | 244,424 |
| Wordtune: Generative AI productivity platform | 198,134 |
| ChatGPT for Google | 116,122 |
AI zero days
There are over 400 vulnerabilities disclosed in AI applications so far and Tenable's researchers have discovered a handful as well that are in various stages of disclosure. Among those that have been published are NextChat Server-Side Request Forgery / Cross-Site Scripting and SSRF Security Feature Bypass in Azure AI and ML Studios.
This number is still very small as AI security is in the nascent stage: 400 vulnerabilities is a small drop in the ocean when compared to the tens of thousands disclosed each year overall. However, we are only getting started with AI security in the ecosystem as a whole.
What can you do to elevate your security posture further?
- Be in the know. Build an inventory of AI applications found in the organization and correlate with the ones that have been approved by the AI governance board of the organization.
- Regularly scan with plugins released for Tenable Vulnerability Management, Tenable Security Center, Tenable Nessus, Tenable Nessus Network Monitor, Tenable WebApp Scanning and Tenable OT Security.
- Leverage dashboard templates in Tenable Vulnerability Management and Tenable Security Center to review findings from the plugins.
- Mitigate frequently.
- You should never trust user inputs, and AI isn’t an exception. Follow first principles of security, security best practices and validate, validate, validate. Check out our blog about this topic.
Below you'll find links to our plugins for Tenable Vulnerability Management, Tenable Web App Scanning and Tenable Nessus Network Monitor.
Rajiv Motwani
Rajiv leads the Tenable Research functions of Global Detections (Asset and Vulnerability), Strategic Projects, Zero Day Vulnerability Research, Security Response and Audits & Compliance.
Rajiv started his cybersecurity career as a security researcher, reversing vulnerabilities at McAfee Inc., as part of the host intrusion prevention team. Subsequently, he went on to manage large security teams at Trend Micro and Citrix. Prior to Tenable, Rajiv managed the security research and data science functions at Forcepoint LLC, the cybersecurity arm of Raytheon. During the course of his career, he has started and grown multiple research functions and enjoys keeping abreast with the ever-changing threat landscape.
Rajiv earned a Masters in Computer Engineering specializing in security from Carnegie Mellon University and completed his Masters in Business specializing in Software Enterprise Management. Rajiv has multiple patents to his name, and in his free time, he loves to travel, explore new adventures, catch up on his ever-growing watchlist of TV shows and try new restaurants and cuisines.
Related Articles
- Nessus Network Monitor
- Plugins
- Tenable Vulnerability Management
- Tenable Web Application Scanning
Cybersecurity News You Can Use
Enter your email and never miss timely alerts and security guidance from the experts at Tenable.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Tenable Vulnerability Management trials created everywhere except UAE will also include Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
100 assets
Choose your subscription option:
Thank You
Thank you for your interest in Tenable Vulnerability Management. A representative will be in touch soon.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Tenable Vulnerability Management trials created everywhere except UAE will also include Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
100 assets
Choose your subscription option:
Thank you
Thank you for your interest in Tenable.io. A representative will be in touch soon.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Tenable Vulnerability Management trials created everywhere except UAE will also include Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
100 assets
Choose your subscription option:
Thank you
Thank you for your interest in Tenable Vulnerability Management. A representative will be in touch soon.
Try Tenable Web App Scanning
Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.
Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.
Buy Tenable Web App Scanning
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Try Tenable Lumin
Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.
Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.
Buy Tenable Lumin
Contact a sales representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.
Thank you
Thank you for your interest in Tenable Lumin. A representative will be in touch soon.
Request a demo of Tenable Security Center
Please fill out this form with your contact information.
A sales representative will contact you shortly to schedule a demo.
* Field is required
Request a demo of Tenable OT Security
Get the Operational Technology security you need.
Reduce the risk you don’t.
Request a demo of Tenable Identity Exposure
Continuously detect and respond to Active Directory attacks. No agents. No privileges.
On-prem and in the cloud.
Request a demo of Tenable Cloud Security
Exceptional unified cloud security awaits you!
We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.
See
Tenable One
in action
Exposure management for the modern attack surface.
See Tenable Attack Surface Management in action
Know the exposure of every asset on any platform.
Thank You
Thank you for your interest in Tenable Attack Surface Management. A representative will be in touch soon.
Try Tenable Nessus Professional free
Free for 7 days
Tenable Nessus is the most comprehensive vulnerability scanner on the market today.
NEW - Tenable Nessus Expert
now available
Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.
Fill out the form below to continue with a Nessus Pro trial.
Buy Tenable Nessus Professional
Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.
Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.
Try Tenable Nessus Expert free
Free for 7 days.
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.
Buy Tenable Nessus Expert
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements
Tenable solutions help fulfill all SLCGP requirements. Connect with a Tenable representative to learn more.
如有侵权请联系:admin#unsafe.sh