
US-12621339-B2 - System and method for providing security posture management for AI applications


Abstract

A system and method for determining an artificial intelligence (AI) security posture management (SPM) of a cloud computing environment. The method includes: inspecting the cloud computing environment for components of an AI pipeline; generating an AI pipeline representation based on a representation of each component of the AI pipeline in a security database; inspecting the cloud computing environment for a cybersecurity object associated with a component of the AI pipeline; analyzing the AI pipeline for a cybersecurity risk based on a result of inspecting the cloud computing environment for the cybersecurity object; and initiating a remediation action in the cloud computing environment in response to detecting the cybersecurity risk.

Inventors

  • Ami Luttwak
  • Alon SCHINDEL
  • Amitai Cohen
  • Yinon COSTICA
  • Roy Reznik
  • Mattan Shalev

Assignees

  • Wiz, Inc.

Dates

Publication Date
20260505
Application Date
20231116

Claims (20)

  1. A method for determining an artificial intelligence (AI) security posture management (SPM) of a cloud computing environment, comprising: inspecting, using an inspector in an inspection environment, the cloud computing environment for components of an AI pipeline; generating an AI pipeline representation based on a representation of each component of the AI pipeline in a security database; inspecting, using an inspector in an inspection environment, the cloud computing environment for a cybersecurity object associated with a component of the AI pipeline, wherein the cloud computing environment is a production environment distinct from any inspection environment and any inspector is a workload in an inspection environment; analyzing the AI pipeline for a cybersecurity risk based on a result of inspecting the cloud computing environment for the cybersecurity object; detecting a principal deployed in the cloud computing environment as a component of the AI pipeline; detecting a permission associated with the principal through an identity and access management (IAM) service; determining that the principal includes excessive permissions, based on the detected permission; and initiating a remediation action in the cloud computing environment in response to detecting the cybersecurity risk and the excessive permissions.
  2. The method of claim 1, further comprising: analyzing the AI pipeline for a combined cybersecurity risk based on detecting a cybersecurity object and a component of the AI pipeline.
  3. The method of claim 2, wherein the cybersecurity object is a sensitive data, and the component of the AI pipeline is an exposed workload.
  4. The method of claim 1, further comprising: detecting the cybersecurity risk based on a combination of secondary cybersecurity risks.
  5. The method of claim 1, further comprising: detecting a database in the AI pipeline; determining that the detected database includes sensitive data; and generating an alert based on the sensitive data.
  6. The method of claim 1, further comprising: detecting a misconfiguration on a component of the AI pipeline; and initiating a remediation based on the detected misconfiguration.
  7. The method of claim 1, further comprising: detecting an AI model stored on a component of the AI pipeline; determining that the AI model is associated with a cybersecurity risk; and initiating a remediation based on the cybersecurity risk.
  8. The method of claim 7, further comprising: determining that the AI model is vulnerable to a prompt injection, based on the associated cybersecurity risk.
  9. The method of claim 7, further comprising: detecting that an output of the AI model is directed to a predetermined sensitive system, the sensitive system being a component of the AI pipeline; determining that the AI model is configured to generate an executable instruction; and determining that the AI model is vulnerable to an output handling, in response to determining that the AI model is configured to generate the executable instruction.
  10. The method of claim 1, further comprising: detecting a secret in a component of the AI pipeline; and generating a cybersecurity risk assessment based on the detected secret.
  11. The method of claim 1, further comprising: detecting a potential attack path to a component of the AI pipeline.
  12. The method of claim 11, further comprising: detecting a network path between an external network and the component of the AI pipeline; and detecting the potential attack path based on the network path.
  13. The method of claim 1, further comprising: configuring the inspector that is inspecting the cloud computing environment for a cybersecurity object associated with a component of the AI pipeline to inspect the component of the AI pipeline for any one of: a vulnerability, an identity, a network exposure, a malware, a sensitive data, a secret, and any combination thereof.
  14. The method of claim 1, wherein the inspector that is inspecting the cloud computing environment for components of an AI pipeline detects AI components by performing static analysis.
  15. The method of claim 1, wherein the cloud computing environment includes at least two different cloud computing environments and wherein at least two of the components of the AI pipeline are deployed in different ones of the at least two cloud computing environments.
  16. The method of claim 1, wherein inspecting for a cybersecurity object further comprises: causing creation of a clone disk; and inspecting the clone disk for the cybersecurity object.
  17. A non-transitory computer-readable medium storing a set of instructions for determining an artificial intelligence (AI) security posture management (SPM) of a cloud computing environment, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to: inspect, using an inspector in an inspection environment, the cloud computing environment for components of an AI pipeline; generate an AI pipeline representation based on a representation of each component of the AI pipeline in a security database; inspect, using an inspector in an inspection environment, the cloud computing environment for a cybersecurity object associated with a component of the AI pipeline, wherein the cloud computing environment is a production environment distinct from any inspection environment and any inspector is a workload in an inspection environment; analyze the AI pipeline for a cybersecurity risk based on a result of inspecting the cloud computing environment for the cybersecurity object; detect a principal deployed in the cloud computing environment as a component of the AI pipeline; detect a permission associated with the principal through an identity and access management (IAM) service; determine that the principal includes excessive permissions, based on the detected permission; and initiate a remediation action in the cloud computing environment in response to detecting the cybersecurity risk and the excessive permissions.
  18. A system for determining an artificial intelligence (AI) security posture management (SPM) of a cloud computing environment comprising: a processing circuitry; a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: inspect, using an inspector in an inspection environment, the cloud computing environment for components of an AI pipeline; generate an AI pipeline representation based on a representation of each component of the AI pipeline in a security database; inspect, using an inspector in an inspection environment, the cloud computing environment for a cybersecurity object associated with a component of the AI pipeline, wherein the cloud computing environment is a production environment distinct from any inspection environment and any inspector is a workload in an inspection environment; analyze the AI pipeline for a cybersecurity risk based on a result of inspecting the cloud computing environment for the cybersecurity object; detect a principal deployed in the cloud computing environment as a component of the AI pipeline; detect a permission associated with the principal through an identity and access management (IAM) service; determine that the principal includes excessive permissions, based on the detected permission; and initiate a remediation action in the cloud computing environment in response to detecting the cybersecurity risk and the excessive permissions.
  19. The system of claim 18, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: analyze the AI pipeline for a combined cybersecurity risk based on detecting a cybersecurity object and a component of the AI pipeline.
  20. The system of claim 19, wherein the cybersecurity object is a sensitive data, and the component of the AI pipeline is an exposed workload.
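The claims above describe a pipeline: inventory the AI components, store them as a graph in a security database, attach the cybersecurity objects an inspector found (claim 13), then evaluate rules such as sensitive data reachable through an exposed workload (claim 3), a reachable vulnerability (claim 4), a model whose executable output flows into a sensitive system (claim 9), a stored secret (claim 10), an attack path from an external network (claim 12) and a principal with excessive IAM permissions (claim 1), and finally initiate a remediation per finding. The following is an added illustration of that flow written for this page, not Wiz's code and not the patent's own implementation. The inventory records, the component kinds, the least-privilege baseline in REQUIRED_PERMISSIONS, and the remediation wording are all constructed assumptions; the patent says only that these things are detected and that a remediation action is initiated.

```python
from collections import deque
from dataclasses import dataclass, field

# Cybersecurity objects an inspector may report on a component (claim 13).
CYBER_OBJECTS = {"vulnerability", "identity", "network_exposure", "malware", "sensitive_data", "secret"}
# Assumed least-privilege baseline per principal; the patent does not specify one.
REQUIRED_PERMISSIONS = {"training-job-role": {"s3:GetObject", "s3:PutObject"}}

@dataclass
class Component:
    name: str
    kind: str                    # workload | database | model | principal | sensitive_system
    exposed: bool = False        # directly reachable from an external network
    objects: set = field(default_factory=set)      # cybersecurity objects found on it
    permissions: set = field(default_factory=set)  # principals only
    generates_executable: bool = False             # models only (claim 9)
    downstream: set = field(default_factory=set)   # components this one feeds

class SecurityDatabase:
    """Graph form of the 'AI pipeline representation' in claim 1."""
    def __init__(self):
        self.nodes = {}

    def reachable_from(self, start):
        """Every component reachable from `start` along downstream edges (BFS)."""
        seen, queue = set(), deque([start])
        while queue:
            for nxt in self.nodes[queue.popleft()].downstream:
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
        return seen

def build_pipeline(inventory):
    """Stand-in for the inspector: inspection records become graph nodes and edges."""
    db = SecurityDatabase()
    for rec in inventory:
        db.nodes[rec["name"]] = Component(
            rec["name"], rec["kind"], rec.get("exposed", False),
            set(rec.get("objects", ())) & CYBER_OBJECTS, set(rec.get("permissions", ())),
            rec.get("generates_executable", False), set(rec.get("downstream", ())))
    return db

def analyze(db):
    """Return (risk_type, component, detail) for the rules in claims 1, 3, 4, 9, 10 and 12."""
    risks = []
    reachable = {}  # claim 12: component -> the exposed hop an external network reaches it through
    for c in db.nodes.values():
        if c.exposed:
            reachable.setdefault(c.name, "external network")
            for target in db.reachable_from(c.name):
                reachable.setdefault(target, c.name)
    for c in db.nodes.values():
        via = reachable.get(c.name)
        if via:
            risks.append(("attack_path", c.name, via))
            if "sensitive_data" in c.objects:   # claim 3: sensitive data + exposed workload
                risks.append(("combined_risk", c.name, via))
            if "vulnerability" in c.objects:    # claim 4: secondary risks that combine
                risks.append(("reachable_vulnerability", c.name, via))
        if "secret" in c.objects:               # claim 10
            risks.append(("secret", c.name, None))
        if c.kind == "principal":               # claim 1: excessive IAM permissions
            excess = c.permissions - REQUIRED_PERMISSIONS.get(c.name, set())
            if excess:
                risks.append(("excessive_permissions", c.name, ", ".join(sorted(excess))))
        if c.kind == "model" and c.generates_executable:   # claim 9: output handling
            for dst in c.downstream:
                if db.nodes[dst].kind == "sensitive_system":
                    risks.append(("insecure_output_handling", c.name, dst))
    return risks

# Remediation wording is constructed here; the patent only says a remediation action is initiated.
REMEDIATION = {
    "attack_path": "review ingress on {detail}; segment {name} from it",
    "combined_risk": "close the exposure on {detail}; mask or encrypt data on {name}",
    "reachable_vulnerability": "patch {name}; isolate it from {detail} until fixed",
    "secret": "rotate the secret found on {name} and move it to a secrets manager",
    "excessive_permissions": "remove {detail} from {name}",
    "insecure_output_handling": "gate {name} output with approval before it reaches {detail}",
}

def plan_remediation(risks):
    return [(k, REMEDIATION[k].format(name=n, detail=d)) for k, n, d in risks]

# Constructed inventory standing in for inspection results.
SAMPLE_INVENTORY = [
    {"name": "api-gateway", "kind": "workload", "exposed": True, "downstream": ["inference-svc"]},
    {"name": "inference-svc", "kind": "workload", "objects": ["vulnerability"],
     "downstream": ["feature-db", "llm-agent"]},
    {"name": "feature-db", "kind": "database", "objects": ["sensitive_data"]},
    {"name": "llm-agent", "kind": "model", "generates_executable": True,
     "downstream": ["deploy-controller"]},
    {"name": "deploy-controller", "kind": "sensitive_system", "objects": ["secret"]},
    {"name": "training-job-role", "kind": "principal",
     "permissions": ["s3:GetObject", "s3:PutObject", "iam:PassRole", "ec2:*"]},
]

if __name__ == "__main__":
    for kind, action in plan_remediation(analyze(build_pipeline(SAMPLE_INVENTORY))):
        print(f"{kind:26} -> {action}")
```

The point the graph makes is the one claim 3 and claim 4 rely on: a sensitive-data finding on feature-db and a vulnerability on inference-svc are each moderate on their own, but both become high-priority only because the BFS from the exposed api-gateway reaches them. A real inspector would populate the same records from cloud APIs and disk clones (claim 16) and the IAM baseline would come from policy analysis rather than a hard-coded dictionary.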

Description

TECHNICAL FIELD

The present disclosure relates generally to security posture management (SPM), and specifically to security posture management of artificial intelligence (AI) pipelines in cloud computing environments.

BACKGROUND

Artificial intelligence (AI) applications are increasingly prevalent, as costs of computing hardware have plummeted significantly, and as AI models have improved their computational resource consumption. This explosion in AI applications, with a rush to deploy AI solutions in various endeavors, presents new cybersecurity risks. Security teams lack knowledge and experience in AI systems, which can lead to vulnerabilities in implementations. AI systems are complex and ever-evolving, and they require new software tools that security teams may not be aware of and may not have cybersecurity awareness about. For example, an AI model may leak data, such as sensitive data or secrets. An AI model may be vulnerable to manipulation, such as by poisoning the training data. As with any rapidly evolving technology, the pace of evolution means that attackers can find an advantage over security teams. It would therefore be advantageous to provide a solution that would overcome the challenges noted above.

SUMMARY

A summary of several example embodiments of the disclosure follows. This summary is provided for the convenience of the reader to provide a basic understanding of such embodiments and does not wholly define the breadth of the disclosure. This summary is not an extensive overview of all contemplated embodiments, and is intended neither to identify key or critical elements of all embodiments nor to delineate the scope of any or all aspects. Its sole purpose is to present some concepts of one or more embodiments in a simplified form as a prelude to the more detailed description that is presented later.
For convenience, the term “some embodiments” or “certain embodiments” may be used herein to refer to a single embodiment or multiple embodiments of the disclosure. A system of one or more computers can be configured to perform particular operations or actions by virtue of having software, firmware, hardware, or a combination of them installed on the system that in operation causes the system to perform the actions. One or more computer programs can be configured to perform particular operations or actions by virtue of including instructions that, when executed by data processing apparatus, cause the apparatus to perform the actions. In one general aspect, a method may include inspecting the cloud computing environment for components of an AI pipeline. The method may also include generating an AI pipeline representation based on a representation of each component of the AI pipeline in a security database. The method may furthermore include inspecting the cloud computing environment for a cybersecurity object associated with a component of the AI pipeline. The method may in addition include analyzing the AI pipeline for a cybersecurity risk based on a result of inspecting the cloud computing environment for the cybersecurity object. The method may moreover include initiating a remediation action in the cloud computing environment in response to detecting the cybersecurity risk. Other embodiments of this aspect include corresponding computer systems, apparatus, and computer programs recorded on one or more computer storage devices, each configured to perform the actions of the methods. Implementations may include one or more of the following features. The method may include: analyzing the AI pipeline for a combined cybersecurity risk based on detecting a cybersecurity object and a component of the AI pipeline. The method may be one where the cybersecurity object is a sensitive data, and the component of the AI pipeline is an exposed workload.
The method may include: detecting the cybersecurity risk based on a combination of secondary cybersecurity risks. The method may include: detecting a database in the AI pipeline; determining that the detected database includes sensitive data; and generating an alert based on the sensitive data. The method may include: detecting a misconfiguration on a component of the AI pipeline; and initiating a remediation based on the detected misconfiguration. The method may include: detecting a principal deployed in the cloud computing environment as a component of the AI pipeline; detecting a permission associated with the principal through an identity and access management (IAM) service; and determining that the principal includes excessive permissions, based on the detected permission. The method may include: detecting an AI model stored on a component of the AI pipeline; determining that the AI model is associated with a cybersecurity risk; and initiating a remediation based on the cybersecurity risk. The method may include: determining that the AI model is vulnerable to a prompt injection, based on the associated cybersecurity risk. The method may include: detecting that an output of the AI model is dire