AI Security permissions

Abstract

Configure AI Security permission to control access to the AI Security module.

Cloud AI Security provides a comprehensive overview of the AI assets within an organization. It is designed to ensure AI security by offering tools to review and prioritize AI risks effectively. Users access these features by going to ModulesAI Security). This module covers the following:

  • AI Security Dashboard: An overview of AI security posture with asset summaries, risk breakdowns, and vulnerability widgets.

  • AI Inventory: A comprehensive inventory of all AI assets, such as Models, Model Endpoints, and Software Packages.

  • AI Security Issues: Security findings and posture violations related to AI assets.

  • AI Security Detection Rules: Rules that detect security issues in AI deployments.

For more information, see Cloud AI Security.

Notice

Requires Cloud Posture Security, Cloud Runtime Security, or Cortex XSIAM Premium license.

Permission

Description

Roles Example

None

No access to AI Security; AI Security functions are hidden.

View

Read-only access to AI Security, such as the AI Security Dashboard, AI Inventory, and AI Security Issues. Users cannot modify configurations or detection rules.

  • SOC Tier-1 Analyst: Needs visibility into AI Security issues and threats for initial triage. Can view the AI Security dashboard and inventory to understand the AI asset landscape and identify potential security incidents. Should not modify configurations or detection rules.

  • SOC Tier-2 Analyst: Requires deeper investigation capabilities for AI security incidents. Can review AI asset details, ecosystem relationships, and posture findings. May need to correlate AI security issues with broader incident context. Should not modify configurations.

  • Threat Hunter: Needs read-only access to AI Security inventory and issues for proactive threat hunting across AI assets. Can investigate AI ecosystem relationships, review model endpoints, and analyze AI-specific threats like model poisoning and prompt injection. Does not need edit access.

View/Edit

Full access to AI Security, such as modifying AI Security configurations, AI detection rules, and managing AI asset classifications.

  • SOC Tier-3 Analyst: Advanced analysts who may need to tune AI detection rules, manage AI security posture configurations, and take response actions on complex AI security incidents. Requires edit access for rule tuning and case response.

  • Security Engineer: Responsible for configuring and maintaining AI Security detection rules, posture policies, and integration with cloud environments. Needs full edit access to manage the AI security infrastructure.