AI & LLM Usage Plugin 

Research Release Highlight

Summary

In order to help customers identify software exposures associated with emerging Artificial Intelligence (AI) or Large Language Model (LLM) technologies, Tenable is releasing an “AI/LLM Software Report” plugin which provides informational alerting of AI/LLM technology found within the enterprise environment. This new exploratory detection capability will use several methods to identify AI/LLM software and will be regularly updated as new detections and methods become available. The initial release of this summary reporting capability is supported by various NASL plugins which identify several AI/LLM applications installed as well as AI/LLM technology embedded within popular Chrome and Firefox browser extensions.

This new capability provides C-Level leaders & risk managers with a simplified view of AI/LLM usage within the enterprise environment by providing an AI Asset Inventory summary, a best practice recommended in the OWASP LLM AI Cybersecurity & Governance Checklist. These new detection & summary capabilities will continue to be expanded as Tenable provides industry leading coverage to customers who seek to embrace emerging technology while managing the many unknown, undetected risks associated with AI & LLM usage in their environments.

To request new detections in this sphere, reach out to your Customer Success Manager (CSM) or use https://suggestions.tenable.com/.

Impact

  Customers leveraging AI/LLM technology will notice a new software summary report plugin listing software found in scan results. They will also see additional vulnerability detection and exposure plugins as new software & exposure detections are developed, tested, and released. The initial list of plugins supporting this summary reporting capability are listed below and as time-since-publication advances, new plugins will be added to the software reporting summary, which might not be displayed in this Research release highlight.

Plugin(s)

AI/LLM Software Report (196906)

PyTorch Detection (184082)

TensorFlow Detection (195192)

ZenML Detection (194954)

Ray Dashboard Detection (193560)

H2O Flow Detection (194478)

NextChat Detection (194719)

Intel Neural Compressor Library Detection ( 198067)

Target Release Date

May 29th, 2024