好的,我现在需要帮用户总结一篇文章的内容,控制在100个字以内。首先,我得仔细阅读这篇文章,了解它的主要信息和关键点。 文章主要介绍的是Tenable One AI Exposure这个工具。它帮助安全团队监控和管理组织中AI的使用,包括shadow AI、代理、浏览器插件等。工具的功能包括映射复杂的AI工作流,揭示高影响的暴露点,并监控安全和AI使用策略的合规性。 接下来,文章详细说明了AI暴露管理缺口的问题,传统安全工具无法有效应对AI带来的风险。Tenable One AI Exposure通过持续发现、上下文关联和优先处理AI相关的暴露点,提供全面的风险视图。 然后,文章分步骤说明了Tenable One如何帮助保护AI攻击面:发现AI的存在、理解其如何创建暴露、保护AI工作负载和服务、治理AI使用和数据流,并检测特定的威胁如prompt注入和越狱尝试。 最后,文章强调了该工具在不阻碍创新的情况下保障AI安全的重要性,并鼓励用户申请演示或联系账户团队。 现在我需要将这些关键信息浓缩到100字以内。重点应放在Tenable One AI Exposure的功能、解决的问题以及带来的好处上。确保语言简洁明了,直接描述内容。 </think> Tenable One AI Exposure 是一款帮助企业监控和管理组织内所有 AI 使用情况的工具,包括 shadow AI 和浏览器插件等。它通过映射复杂的工作流揭示高风险暴露点,并帮助监控安全策略的合规性。该工具现已在 Tenable One 平台上提供,旨在填补传统安全工具无法应对的 AI 安全风险缺口。 2026-1-27 13:45:0 Author: www.tenable.com(查看原文) 阅读量:3 收藏
Continuously discover and monitor all AI usage across your organization, including shadow AI, agents, browser plug-ins, and more, with Tenable One AI Exposure. Map complex AI workflows to reveal high-impact exposures and monitor compliance with security and AI acceptable use policies.
Key takeaways
- Now generally available in the Tenable One Exposure Management Platform, Tenable One AI Exposure gives security teams capabilities to monitor and secure AI-driven workflows.
- Map complex AI workflows to reveal how applications, infrastructure, identity, agents, and data combine to create high-impact exposure.
- Protect against AI-specific risks like prompt injection and jailbreak attempts while identifying sensitive data shared through AI prompts.
The rapid integration of AI across applications and infrastructure has outpaced the reach of traditional security oversight. As autonomous agents and cloud-based AI become central to the enterprise, security teams are struggling to manage a new class of risk that legacy tools were never designed to see — creating a critical AI exposure management gap.
Today, we are launching Tenable One AI Exposure to provide security teams with the capabilities needed to close that gap and mitigate AI security risks. Now generally available within the Tenable One Exposure Management Platform, these capabilities allow organizations to secure their AI-driven workflows without slowing innovation.
The AI exposure management gap explained
The AI exposure management gap refers to three challenges security teams face: whether they can see how employees are using AI, where it’s running, and how AI exposure accumulates across interconnected systems — both within and outside an organization.
AI exposure is hard to gauge for a variety of reasons. For one, it doesn’t look like traditional cyber risk. It doesn’t live in one system. It doesn’t announce itself as a vulnerability. And it doesn’t wait for attackers to exploit it before causing harm. AI security risks show up in:
- Employee-facing AI platforms like ChatGPT, Copilot, and embedded SaaS features
- Cloud-based AI services and model pipelines
- APIs, agents, and browser plug-ins
- Public-facing applications and services
Much of this adoption happens outside traditional security workflows. Shadow AI deployments, forgotten test environments, unsafe integrations, and over-permissioned services quietly expand the attack surface, often without security teams realizing they exist.
At the same time, AI workloads rely on complex chains of infrastructure, identities, APIs, and data access. A single misconfiguration or overly broad permission can turn routine AI usage into a high-impact exposure.
Because AI interactions happen constantly through prompts, uploads, responses, and automated actions, even approved use can unintentionally expose sensitive data without the right visibility and guardrails in place.
Finally, AI exposure rarely appears as a single alert or vulnerable asset. Instead, it emerges through connections. For example:
- An employee uses an approved third-party tool
- That tool invokes an internal AI service or agent
- The agent has access to sensitive data or systems
- A misconfiguration or exposed endpoint makes that access reachable
Individually, each component may appear benign. Together, they create real risk.
Traditional security tools tend to look at these elements in isolation: cloud posture here, identity permissions there, application risk somewhere else. Without a way to connect these signals, security teams are left reacting to symptoms instead of managing exposure.
Introducing Tenable One AI Exposure
Tenable One AI Exposure helps teams close this visibility gap by continuously discovering, contextualizing, and prioritizing AI-related exposure across your organization — internal and external, on-premises and cloud — to deliver a complete, risk-aware view of where AI operates, its connections, and where it creates exposure.
Unlike point AI cybersecurity tools that surface isolated findings, Tenable One connects the entire activity chain in a single view, showing how AI applications, infrastructure, identity, agents, and data combine to create real risk. By correlating these relationships, Tenable One helps your security teams prioritize the AI exposures that matter most to reduce AI security risks across all environments.
How Tenable One helps secure the AI attack surface
Discover AI across your organization
You can’t manage AI risk if you don’t know where AI exists.
Tenable One continuously discovers AI usage across internal environments and the external attack surface, helping teams eliminate blind spots and maintain an up-to-date understanding of their AI footprint. This includes visibility into sanctioned and shadow AI across applications, endpoints, cloud workloads, APIs, agents, and publicly exposed services.
Security teams can see where AI services are running, which technologies are in use, and how external exposure aligns with internal awareness.
Understand how AI creates exposure
Discovery alone isn’t enough. AI risk emerges from how systems interact.
Tenable One maps AI workflows across cloud platforms and services, revealing how AI models, infrastructure, storage, networking, and access controls work together. It highlights vulnerabilities and misconfigurations in AI-related software and cloud resources while providing context about what data and systems those components can reach.
By connecting AI infrastructure with identity and access paths, teams gain clarity into where exposure is actually created, not just where AI exists.
Protect AI workloads, services, and access
Reducing AI risk means closing the gaps attackers exploit.
Tenable One helps teams identify and remediate risky configurations in AI workloads and model environments before they can be abused. It also surfaces excessive permissions and identity weaknesses tied to AI services and agents, enabling teams to enforce least-privilege access and reduce attack paths that put critical AI resources at risk.
This identity-driven exposure insight helps security teams focus on the combinations of weaknesses that matter most.
Govern AI usage and data flow
AI adoption doesn’t have to come at the cost of security or compliance.
Tenable One provides visibility into how employees and agents interact with AI platforms, including tools like ChatGPT, Copilot, and embedded generative AI features. It also shows how data flows through those interactions. Teams can identify sensitive data shared through prompts or uploads, enforce AI acceptable use policies, and apply guardrails that guide users toward safer AI behavior.
The platform also detects AI-specific threats and misuse, such as prompt injection and jailbreak attempts, and provides high-fidelity context to support fast, confident response.
Secure AI adoption without slowing innovation
AI doesn’t have to be your biggest blind spot, and security doesn’t have to be the brake on innovation. With Tenable One AI Exposure, organizations can move forward confidently, knowing they have a proactive, pre-breach approach to managing AI risk across the entire attack surface.
New to Tenable? Request a Tenable One AI Exposure demo today.
Existing customer? Reach out to your account team to expand your Tenable One coverage to include AI Exposure.
如有侵权请联系:admin#unsafe.sh