AI Access Security
Introducing AI Access Security
Table of Contents
Introducing AI Access Security
AI Access Security enables organizations to safely adopt GenAI
applications by employees by mitigating the risks posed by inadvertent data leakage in
prompts and malicious content in responses.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of the following:
|
GenAI apps are AI apps capable of generating text, images, videos, and other forms of
data in response to user prompts and continuously learn based on user inputs. Their
usage is proliferating at an astonishing rate and offer limitless opportunities for
businesses. However, the nature by which GenAI apps contentiously improve presents a new
danger to businesses and security administrators—how can you ensure your employees are
not exposing sensitive or proprietary data to GenAI apps?
Palo Alto Networks introduced AI Access Security to enable businesses to
safely adopt GenAI apps across their organization by mitigating the risks associated
with data leakage in prompts and malicious content in responses. AI Access Security includes an extensive dictionary of Generative artificial
intelligence (GenAI) apps to help you identify GenAI apps alongside contextual,
fine-grained access control policy rules to help you prevent exfiltration of sensitive
data. AI Access Security also provides detailed monitoring capabilities that
enable you to filter for specific GenAI apps, users, and GenAI use cases, which in turn
enables you to write targeted Security policy rules to strengthen your security posture
that help you control the data leaving your organization for GenAI appls allowed within
your organization.
AI Access Security follows a set of core principals allowing your organization
to safely leverage GenAI apps while ensuring your sensitive or proprietary data isn't
exposed.
Identify and Control GenAI Apps
Learn how AI Access Security identifies and controls GenAI apps to enable
organizations to safely adopt GenAI applications.
AI Access Security provides robust tools to identify and control GenAI app
usage on your network. Hundreds of GenAI apps have been categorized and mapped with
AI-specific attributes to generate bespoke risk scores that empower InfoSec teams to
make informed decisions. What’s more, AI Access Security not only helps
businesses understand GenAI adoption and usage, it prevents sensitive data loss and
provides real-time threat detection for both sanctioned and shadow AI apps. Security
administrators can immediately improve risk posture while simultaneously empowering
users to securely harness the power of GenAI.
Attributes—AI Access Security provides a detailed description of the
GenAI app functionality and the attributes your security administrators use to create a
Web Security or Security policy rule and when AI Access Security calculates a GenAI app risk score.
Access Control—Create Web Security or Security policy rules to control access to
GenAI apps. You can control access to GenAI apps for:
- User groups for sanctioned, unsanctioned, or tolerated GenAI apps. You can also control GenAI app usage based on description, risk, or use case.
- Block or allow specific functionality within a specific GenAI app or for a category of GenAI apps.
- Control access for GenAI app browser extensions, plugins, and custom GPTs.
Enterprise Accounts and Custom GenAI Apps—You can sanction user group access to a
GenAI app when using an enterprise account while blocking access to publicly available
GenAI apps. Additionally, you can control user group access for custom GenAI apps that
have outbound internet access.
Comprehensive Visualization and Reporting
Learn how AI Access Security provides comprehensive visualization and
reporting capabilities to allow you to monitor GenAI app usage.
AI Access Security administration is managed entirely on Strata Cloud Manager
for a single pane of glass management experience across your security enforcement
channels includes a detailed dashboard with trends allowing you to filter and explore
usage based on users, data transfers, GenAI apps, and use cases across all channels.
AI Access Security provides a comprehensive dictionary of over 500 GenAI apps
and 60+ attributes to accurately discovers and monitor GenAI adoption, usage and risk.
Additionally, AI Access Security uses context-aware LLM-powered data
classification with over 300 classifiers to provide high accurate sensitive data
discovery capabilities.
AI Access Security includes support for persona-based access with the ability
to grant role-based access controls for administrators focused on setting policy or
mitigating risk.
Data Protection
Learn how AI Access Security secures GenAI app usage to enable
organizations to safely adopt GenAI apps.
AI Access Security provides data protection, posture management, and zero
trust security all in one solution across all your enforcement points. Enterprise DLP, Palo Alto Networks' cloud-based data loss prevention service that uses AI and
supervised machine learning algorithms, is the detection engine that fuels AI Access Security's ability to block exfiltration of sensitive data for file
and nonfile based traffic and text prompts. Enterprise DLP data patterns and data profiles specify the match criteria used
to determine whether traffic that matches a Web Security policy rule contains sensitive
data. You can create custom data patterns and profiles or use predefined data patterns and profiles to
detect personally identifiable information (PII), propriety source code, intellectual
property, customer data, and more.
AI Access Security also inspects responses from sanctioned and tolerated GenAI
apps to ensure threat actors don't gain access to your network or initiate an attack in
the event a GenAI application is compromised. AI Access Security inspects all
files, URLs, and code snippets returned by a GenAI in response to a user prompt for
sanctioned and tolerated GenAI apps.