Vulnerability management teams can use AI Security Exposure Management to help import various types of security exposures for their environments, including infrastructure vulnerabilities, cloud security findings, and application security findings. The AI Exposures dashboard provides a unified view of the critical security vulnerabilities across your overall attack surface. You can optionally use a generative AI skill to help determine whether threats might already be mitigated, prioritize high-risk exposures, and defer lower-risk exposures that already have mitigations or guardrails in place.
- Filter two categories of AI exposures that are displayed on a dedicated dashboard in the AI Exposures module in the Unified Security Exposure Management workspace:
  - Model vulnerabilities (AISF) - Vulnerabilities discovered in open source AI models that are published in repositories. A third-party integration, in this case the Cisco AI Defense product, scans for these vulnerabilities.
  - Model validation findings (AIVF) - Findings from third-party automated penetration testing or automated red teaming done to verify the behavior of some of these models by scanning them against their prompt libraries.
- Use automated response workflows for prioritization and remediation of vulnerabilities.
- Third-party integrations with the Cisco AI Defense and HiddenLayer Service Graph Connector security products are supported for imports.
- For customers using Now Assist for Vulnerability Response:
  - Import guardrail mitigation details from Cisco AI Defense products.
  - Use a Now Assist skill to help you determine whether the required guardrails exist and map them to findings based on their context or categories. This generative AI skill can help explain why a guardrail helps mitigate a threat for a particular validation finding (AIVF). A validation finding is created when a known model vulnerability or behavior can be matched to an AI model.
  - Use an AI agent to help you defer and request exceptions for validation findings (AIVFs) that have eligible guardrails already in place, as identified by the Now Assist skill. You can also chat with the AI agent to help you create exception rules that automatically defer similar findings in future imports.
Initial release of Innovation Lab
This application requires the AI Discovery (sn_ai_disc) application to permit AI asset imports and the creation of vulnerability findings for AI assets by the automated workflows of Unified Security Exposure Management (Vulnerability Response).
Supported family releases:
Yokohama Patch 11 (YP11)
Zurich Patch 4 (ZP4)
Supported integrations:
- AI Security Exposure Management 1.0.0
- The HiddenLayer Service Graph Connector and the HiddenLayer Integration for AI Security Exposure Management are third-party integrations supported by AI Security Exposure Management to import AI model vulnerability data.
- The Cisco AI Defense application is a third-party integration supported by AI Security Exposure Management to import AI Defense scan results and AI model validation data for AI and machine learning models.