Launch Week Day 4: Introducing our new AI Inventory

With our new AI Inventory, you can now discover the AI services in use across AWS, Google Cloud and Microsoft Azure. We provide coverage for popular services like Amazon SageMaker, Azure Machine Learning, and Google Cloud Vertex AI, along with managed AI services such as AWS Bedrock, Azure OpenAI Service, and Google Cloud Language AI.

What is an AI Inventory? ​

An AI Inventory provides visibility into the AI and machine learning services running across your cloud environments. It’s an inventory that maps out the list of services in use and their relationships to corresponding assets like storage buckets, databases and access keys.

Why use an AI Inventory? ​

Cloud security teams face a new challenge, and that’s securing the growing number of AI workloads. Like every other cloud service, AI services come with their own configuration options and posture risks. Without a clear inventory of AI services, cloud security engineers can’t assess their risk exposure or ensure compliance with AI governance policies.

For example, unmonitored AI services may process sensitive data, operate with excessive permissions, or run vulnerable model versions. That’s why security teams need to know which AI services are deployed, who has access to them, and what data they process.

Understanding AI-SPM ​

AI Security Posture Management (AI-SPM) is an emerging category focused on securing AI and machine learning workloads in the cloud. An AI Inventory forms the foundation of AI-SPM with the baseline visibility required to implement security controls, assess risks, and maintain compliance. Without knowing what AI assets exist in your environment, implementing security measures becomes impossible.

Key features of our new AI Inventory ​

Discovery and visibility ​

Our AI Inventory automatically discovers AI services across AWS, Google Cloud, and Azure. We’ve introduced a new service category “Machine Learning & AI” that includes platform services like SageMaker, Vertex AI and Azure Machine Learning, as well as as chatbot services like Amazon Q and API services like Amazon Bedrock.

For a full list of the AI services our AI Inventory supports check out our docs and the data models for AWS, Google Cloud and Azure.

Understand AI services ​

Since AI is the next battleground in the cloud, the list of AI services the cloud providers offer just keeps growing. Soon, if not already, it will be impossible to know for a cloud security engineer to know what exactly these individual services do and how they work. That’s why we’ve included a description of each service, as well as a link to the corresponding product documentation.

Get full-stack visibility ​

With our inventory graph and its neighorbood view, you can see exactly how a specific AI resource is connected with other cloud services, in particular with data sources such as an S3 bucket, or access roles like IAM role. We also tell you where in the world (quite literally) your data resides and where your models run, by showing the region and cloud accounts.

The neighborhood view provides visibility into your AI supply chain with some cool new use cases:

• Data source mapping: Which storage buckets and databases contain training data?

• Access patterns: Which identities and access keys can interact with AI services?

• Network connectivity: What other services can communicate with AI endpoints?

• Regulatory compliance: In which region do I run my training, and where do my data assets reside

So what does this mean for my AI security? Here are a few risks that you may have lurking in your infrastructure without this visibility:

• Data exposure through misconfigured storage permissions

• Unauthorized access to AI endpoints

• Compliance violations from undocumented data usage

• Expanded AI attack surface through unknown service exposure

These are just some examples, and we’re working on providing an opinionated view on these uses cases in our dashboard.

Write AI policies ​

Part of Fix Security’s differentation is our unified data model that normalizes resource kinds across different clouds. It can be tedious to know how resource kinds and attributes are named. For custom compliance policies such as “no unencrypted storage volumes” or “every compute instance must have a cost center tag”, you don’t want to rewrite those checks for every cloud provider.

That’s why we use “base resources” that describe services common to all clouds (firewall, database, etc.). These base resources make it easier to write policies that discover and categorize certain cloud services.

For AI, we’ve introduced three new base resources:

• AI Resource: Any type of AI resource across AWS, GCP, Azure

• AI Model: Any type of AI model, e.g. an AWS Bedrock Foundational Model

• AI Job: Any type of Job, e.g. a GCP Vertex AI Batch Prediction Job

These three base resources make it easy to start with writing searches and policies for your AI Inventory, regardless of if you’re securing a single or multi-cloud environment.

Summary ​

Our new AI Inventory provides you with full-stack visibility into the AI services that run in your cloud infrastructure. An AI Inventory is the first step towards implementing AI-SPM (AI Security Posture Management). With our base kinds for AI, you can also start writing your first AI-related security policies.

Our AI Inventory is now generally available to all users in your Fix Security dashboard. Head on over, or sign up for a free trial.