AI Security

AI Security in Cyscale helps you discover AI-related assets, understand AI bill-of-materials context, and prioritize AI posture risks using the same cloud security graph that already contains your infrastructure, identities, vulnerabilities, data stores, and network exposure.

Use this area when you need to answer:

  • Which AI services, models, endpoints, datasets, feature stores, and AI workloads exist?
  • Which AI systems are exposed, unencrypted, or missing logging?
  • Which identities or service accounts can access models, endpoints, datasets, vector stores, or agent tools?
  • Which AI assets are connected to public paths or sensitive data stores?
  • Which AI controls are failing and which teams should remediate them?

Availability

AI Security can be enabled per account or plan. If the module is not enabled for your account, Cyscale does not show the AI Security menu and connector syncs stay within the standard CSPM/CNAPP coverage.

AI Security Workspace

The AI Security workspace is designed around four practical views.

Overview

The Overview page gives immediate posture signals for AI Security:

  • AI assets discovered across enabled connectors
  • open AI issues grouped by severity and type
  • public AI endpoints and exposed AI services
  • AI data-flow context from datasets to models, endpoints, agents, identities, and public paths
  • top AI technologies, packages, models, and service families
  • AI controls and remediation entry points

Use the Overview page first when you want to understand the current AI attack surface.

Discovery and Inventory

Discovery and Inventory is the operational list of AI-related assets. It focuses on cloud and Kubernetes resources that are part of the AI estate, such as:

  • managed AI services
  • models and model endpoints
  • datasets, feature stores, training stores, and vector stores
  • AI workbenches, notebooks, and pipelines
  • Kubernetes workloads classified as AI-related from their metadata
  • AI runtime services and supporting identities

Use this page when you need to find a specific AI asset, filter by provider or connector, or inspect ownership, exposure, identity, and data context.

AI Catalog (BOM)

AI Catalog is the AI bill-of-materials view. It focuses on the materials and technologies that make up AI systems:

  • models and model families
  • endpoints and deployments
  • datasets and feature stores
  • agents and tool endpoints
  • frameworks, libraries, packages, and AI SDKs
  • guardrails and policy components where available

This view is different from inventory. Inventory answers "which resources exist?" AI-BOM answers "what AI components, dependencies, and materials make up the AI system?"

Issues and Controls

AI Security controls help you detect posture problems such as:

  • public AI endpoints
  • broad model access
  • unencrypted training data
  • unrestricted agent tool permissions
  • weak or missing guardrail configuration
  • missing logging or audit evidence
  • overly broad data-store access from model or agent identities

Controls are mapped to the AI Best Practices framework so AI teams, cloud teams, and governance teams can discuss posture using the same evidence.
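The checks listed above are predicates over the same asset graph that holds endpoints, models, identities and data stores, and the prioritization comes from path context rather than from any single attribute. The block below is an added example that is not Cyscale code: it evaluates four of those controls against a small constructed asset graph and escalates any finding that sits on a path from a public entry point to sensitive data. Asset names, attributes and edge relations (`reaches`, `serves`, `runs_as`, `trained_on`, `can_access`) are hypothetical.

```python
"""Graph-based AI posture checks over a small constructed asset graph.

Added example, not Cyscale code: it shows how controls like public endpoints,
unencrypted training data and broad data-store access can be evaluated against
an asset graph, and how a public-to-sensitive-data path turns an individual
finding into a critical one. Asset names, attributes and relations are hypothetical.
"""
from collections import defaultdict

# Constructed sample graph: nodes are assets, edges are (source, relation, target).
ASSETS = {
    "internet":    {"type": "public"},
    "ep-chat":     {"type": "endpoint", "public": True,  "logging": False},
    "ep-internal": {"type": "endpoint", "public": False, "logging": True},
    "model-llm":   {"type": "model"},
    "model-fraud": {"type": "model"},
    "ds-train":    {"type": "dataset",   "encrypted": False, "sensitive": True},
    "role-exec":   {"type": "identity",  "actions": ["s3:*", "sagemaker:InvokeEndpoint"]},
    "role-narrow": {"type": "identity",  "actions": ["s3:GetObject"]},
    "bucket-pii":  {"type": "datastore", "sensitive": True},
}
EDGES = [
    ("internet",    "reaches",    "ep-chat"),
    ("ep-chat",     "serves",     "model-llm"),
    ("ep-internal", "serves",     "model-fraud"),
    ("model-llm",   "runs_as",    "role-exec"),
    ("model-fraud", "runs_as",    "role-narrow"),
    ("model-llm",   "trained_on", "ds-train"),
    ("role-exec",   "can_access", "bucket-pii"),
    ("role-narrow", "can_access", "bucket-pii"),
]

def build_adjacency(edges):
    adj = defaultdict(list)
    for src, _rel, dst in edges:
        adj[src].append(dst)
    return adj

ADJ = build_adjacency(EDGES)

def is_sensitive_data(name):
    asset = ASSETS[name]
    return asset["type"] in ("dataset", "datastore") and asset.get("sensitive", False)

def find_paths_public_to_sensitive(start="internet"):
    """Enumerate simple paths from the public node to any sensitive data asset."""
    paths = []
    def walk(node, path):
        if is_sensitive_data(node):
            paths.append(tuple(path))
            return
        for nxt in ADJ.get(node, []):
            if nxt not in path:          # simple paths only; no cycles
                walk(nxt, path + [nxt])
    walk(start, [start])
    return sorted(paths)

def check_public_endpoints():
    return sorted(n for n, a in ASSETS.items() if a["type"] == "endpoint" and a.get("public"))

def check_missing_logging():
    return sorted(n for n, a in ASSETS.items() if a["type"] == "endpoint" and not a.get("logging"))

def check_unencrypted_training_data():
    """Datasets attached to a model by a trained_on edge and not encrypted at rest."""
    return sorted({dst for _src, rel, dst in EDGES
                   if rel == "trained_on" and not ASSETS[dst].get("encrypted", False)})

def check_broad_datastore_access():
    """Model/agent identities holding a wildcard action that reach a sensitive data store."""
    findings = []
    model_identities = {dst for _src, rel, dst in EDGES if rel == "runs_as"}
    for ident in sorted(model_identities):
        broad = any("*" in act for act in ASSETS[ident].get("actions", []))
        targets = sorted(dst for src, rel, dst in EDGES
                         if src == ident and rel == "can_access" and is_sensitive_data(dst))
        if broad and targets:             # role-narrow reaches the same store but is scoped, so it is not flagged
            findings.append((ident, targets))
    return findings

SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2}

def prioritized_findings():
    """Combine control results with path context: anything on a public-to-sensitive path is critical."""
    on_path = {n for p in find_paths_public_to_sensitive() for n in p}
    escalate = lambda asset, base: "critical" if asset in on_path else base
    findings = []
    findings += [("public_endpoint", ep, escalate(ep, "high")) for ep in check_public_endpoints()]
    findings += [("missing_logging", ep, "medium") for ep in check_missing_logging()]
    findings += [("unencrypted_training_data", ds, escalate(ds, "high")) for ds in check_unencrypted_training_data()]
    findings += [("broad_datastore_access", ident, escalate(ident, "high")) for ident, _ in check_broad_datastore_access()]
    return sorted(findings, key=lambda f: (SEVERITY_ORDER[f[2]], f[0], f[1]))

if __name__ == "__main__":
    for control, asset, severity in prioritized_findings():
        print(f"{severity:8} {control:28} {asset}")
    for path in find_paths_public_to_sensitive():
        print(" -> ".join(path))
```

The point to notice is that `role-narrow` can reach the same sensitive bucket as `role-exec` but is not flagged, because its actions are scoped; and that `ep-chat`, `ds-train` and `role-exec` all become critical only because they lie on a path from the public node, which is the "highest-risk combination" view the Overview page is meant to surface.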

Supported Coverage

Cyscale uses provider APIs and Kubernetes metadata to discover AI-related assets. Coverage depends on the connected providers, enabled APIs, permissions, and module availability.

AWS

AWS AI Security coverage includes SageMaker-related assets and relationships such as models, endpoints, endpoint configurations, feature groups, training data stores, and execution roles. Cyscale can relate these assets to IAM roles, data stores, and exposure paths when the underlying data is available.

For AI service sync, make sure the AWS connector role has the updated read permissions shown in the connector permission notice or onboarding flow.

Microsoft Azure

Azure AI coverage includes the Azure AI and Machine Learning resources that can be discovered through Azure Resource Graph and Azure APIs, including Azure Machine Learning, Azure AI Search, Azure OpenAI, Microsoft Foundry / AI Foundry-related resources, Bot Services, Cognitive Services families, Document Intelligence, Speech, Translator, Language, Computer Vision, and related AI service accounts.

For Azure connectors, Cyscale can show either predefined role guidance or a custom-permissions list depending on how your organization manages access.

Google Cloud

Google Cloud AI coverage includes Vertex AI assets such as models, endpoints, datasets, feature stores, and supporting service accounts. Where available, Cyscale maps model-to-endpoint, endpoint-to-service-account, and dataset/feature-store relationships.

The recommended predefined role for AI coverage is roles/aiplatform.viewer. If you use custom roles, include the AI Platform read/list permissions shown in the connector permission update modal.

Kubernetes

Kubernetes can host AI services even when the managed cloud AI services are not used. The Kubernetes agent can identify AI-related pods, deployments, services, and workloads based on names, labels, images, packages, and workload metadata. This helps expose self-hosted models, inference APIs, vector services, AI agents, MCP servers, and AI workloads running inside clusters.
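Classification of self-hosted AI workloads is metadata-driven, so what the agent can see in names, labels, images, environment variables and ports decides whether a pod is recognized. The block below is an added example, not the Kubernetes agent's logic: a weighted heuristic over constructed pod specs that shows the kind of signals involved and why a pod with a generic name, a generic image and no labels ends up unclassified. The hint lists, weights, threshold, registry hosts and the `pod()` helper are all assumptions.

```python
"""Heuristic classification of Kubernetes pods as AI-related from their metadata.

Added example, not the Cyscale agent's logic: it illustrates signals of the
kind described above (names, labels, images, environment, ports) and why a
workload with bare metadata cannot be classified. Hint lists, weights and the
threshold are assumptions; the sample pod specs are constructed.
"""
import re

# Assumed signal lists. Weights reflect how specific each signal is.
IMAGE_HINTS = {
    "vllm": 5, "ollama": 5, "tritonserver": 5, "text-generation-inference": 5,
    "torchserve": 5, "kserve": 4, "llama-cpp": 4, "mlflow": 3,
    "qdrant": 4, "weaviate": 4, "milvus": 4, "chroma": 3,
}
LABEL_HINTS = {
    ("app.kubernetes.io/component", "inference"): 4,
    ("app.kubernetes.io/component", "model-server"): 4,
    ("ai.workload/type", None): 4,          # None: any value counts
}
ENV_HINTS = {"HF_TOKEN": 3, "HUGGING_FACE_HUB_TOKEN": 3, "OPENAI_API_KEY": 3,
             "ANTHROPIC_API_KEY": 3, "MODEL_ID": 2, "OLLAMA_MODELS": 3}
PORT_HINTS = {11434: 2, 8001: 1}            # Ollama default; Triton gRPC default (weak signal)
# Word boundaries matter: a bare "rag" would also match "storage".
NAME_RE = re.compile(r"\b(llm|inference|embedding|rag|vector|agent)\b", re.I)
THRESHOLD = 4

def score_pod(pod_spec):
    """Return (score, reasons) for one pod (dict shaped like the Kubernetes Pod object)."""
    score, reasons = 0, []
    meta = pod_spec.get("metadata", {})
    name = meta.get("name", "")
    if NAME_RE.search(name):
        score += 2
        reasons.append(f"name:{name}")
    labels = meta.get("labels", {})
    for (key, want), weight in LABEL_HINTS.items():
        actual = labels.get(key)
        if actual is not None and (want is None or actual == want):
            score += weight
            reasons.append(f"label:{key}={actual}")
    for container in pod_spec.get("spec", {}).get("containers", []):
        image = container.get("image", "").lower()
        for hint, weight in IMAGE_HINTS.items():
            if hint in image:
                score += weight
                reasons.append(f"image:{hint}")
        for env in container.get("env", []):
            if env.get("name") in ENV_HINTS:
                score += ENV_HINTS[env["name"]]
                reasons.append(f"env:{env['name']}")
        for port in container.get("ports", []):
            number = port.get("containerPort")
            if number in PORT_HINTS:
                score += PORT_HINTS[number]
                reasons.append(f"port:{number}")
    return score, reasons

def classify(pod_spec):
    score, reasons = score_pod(pod_spec)
    return {"name": pod_spec["metadata"]["name"], "ai_related": score >= THRESHOLD,
            "score": score, "reasons": reasons}

def classify_all(pods):
    return [classify(p) for p in pods]

def pod(name, image, labels=None, env=(), ports=()):
    """Build a minimal constructed pod spec (hypothetical helper)."""
    return {"metadata": {"name": name, "labels": labels or {}},
            "spec": {"containers": [{"name": "main", "image": image,
                                     "env": [{"name": e} for e in env],
                                     "ports": [{"containerPort": p} for p in ports]}]}}

# Constructed sample pods; registry hosts are placeholders.
SAMPLE_PODS = [
    pod("chat-llm-0", "ghcr.io/example/vllm-openai:0.6.3", {"app": "chat"}, env=["MODEL_ID"], ports=[8000]),
    pod("ollama-0", "ollama/ollama:0.3", ports=[11434]),
    pod("vector-db-0", "qdrant/qdrant:v1.9.0"),
    pod("payments-api-0", "registry.internal/payments:3.1", {"app": "payments"}, ports=[8080]),
    # A self-hosted model server with a generic name and image and no labels: nothing to classify on.
    pod("worker-7", "registry.internal/svc:1.2"),
    pod("assistant-agent-0", "registry.internal/agent-runtime:2.0", {"ai.workload/type": "agent"},
        env=["OPENAI_API_KEY"]),
]

if __name__ == "__main__":
    for result in classify_all(SAMPLE_PODS):
        flag = "AI " if result["ai_related"] else "-- "
        print(flag, result["name"], result["score"], ", ".join(result["reasons"]))
```

`worker-7` is the case the troubleshooting section refers to: it may well be serving a model, but with a generic image tag, no component label and no telling environment variables there is no metadata to classify on, so adding a component label or an explicit AI label is what makes such workloads visible.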

Updating Connector Permissions

When new AI Security coverage needs additional read permissions, Cyscale can show an in-app notice and a connector-specific permission update flow.

The expected workflow is:

  1. Open the notice or the connector-level permissions message.
  2. Review the connectors that need permission updates.
  3. Open How to update permissions for the relevant provider.
  4. Update the role, policy, app registration, or service account permissions in the cloud provider.
  5. Confirm in Cyscale that the permissions were updated.
  6. Cyscale starts a new sync so the AI-related assets can be discovered.

If you dismiss the notice, you can still return to the connector-level prompt until the connector is explicitly marked as updated.

Usage Tips

  • Start with the AI Security Overview to understand the highest-risk combinations.
  • Use Discovery and Inventory to validate that expected AI assets are visible.
  • Use AI Catalog when you need AI-BOM evidence for models, packages, frameworks, tools, and services.
  • Use Query Builder to create repeatable investigations and save custom controls.
  • Review AI Best Practices in Compliance to see AI-specific control groupings.

Troubleshooting

AI Security is not visible

The AI Security module may not be enabled for your account or plan. Contact your Cyscale administrator or Cyscale support.

AI assets are missing

Check that:

  • the AI Security module is enabled
  • the relevant connector permissions were updated
  • provider APIs are enabled where the provider requires them
  • the connector synced after the permission change
  • Kubernetes workloads have enough metadata for AI classification

The connector permission notice disappeared

If the notice was dismissed globally, check the Connectors page. Connector-level permission prompts remain available for connectors that were not marked as updated.