SentinelOne has announced the introduction of new AI security posture management (AI-SPM) capabilities designed to enhance its Singularity Cloud Security portfolio. This new offering aims to provide organisations with improved visibility and protection over AI services in their environments. As the use of AI applications continues to rise, AI-SPM is positioned to help security teams manage both known and shadow AI services, ensuring that potential security vulnerabilities and misconfigurations are addressed.
Recent findings from a McKinsey survey indicate that 65% of organisations are utilising generative AI in at least one business function—nearly double the 33% reported in 2023. With major cloud service providers like Amazon Web Services, Google Cloud, and Microsoft Azure facilitating the development and hosting of generative AI applications, the demand for effective security measures has never been more pressing.
AI-SPM allows organisations to discover the full inventory of AI applications and models being used, which is crucial in managing the increased attack surface that these technologies can create. It provides insights into AI service misconfigurations and vulnerabilities, enabling security teams to mitigate risks associated with cloud-based AI applications and models. This proactive approach is essential as organisations seek to harness the productivity benefits of AI while navigating the inherent security, privacy, and regulatory compliance challenges.
The capabilities of AI-SPM include the discovery of AI pipelines and models across major cloud platforms, the identification of vulnerabilities within AI infrastructure, and the visualisation of potential attack paths related to AI workloads. This graph explorer feature illustrates how an adversary might traverse a customer’s environment, highlighting the importance of understanding potential lateral movement within systems.
Additionally, AI-SPM assists organisations in managing compliance risks by focusing on data policies that align with regulatory standards such as the EU AI Act and the NIST Artificial Intelligence Risk Management framework. This comprehensive approach aims to protect sensitive data associated with AI applications while ensuring adherence to evolving legal requirements.
Early access to AI-SPM is currently available for SentinelOne customers, with general availability anticipated in early 2025. The introduction of AI-SPM reflects a strategic response to the growing integration of AI in business operations and the corresponding need for robust security measures.