by Cody Dumont
August 5, 2024
AI is rapidly transforming how organizations work, accelerating productivity, innovation, and decision making across the enterprise. Security operations teams and risk managers are working tirelessly to understand and identify the threats posed by the new and unfamiliar AI tools that users continue to adopt rapidly. Organizations using Tenable Security Center are able to identify the AI applications, infrastructure, identities, agents, and data that increase risk. This dashboard correlates these relationships and helps security teams prioritize the AI exposures that matter most and reduce AI risk across the organization.
Tenable provides visibility into the AI Exposure Management Gap. This risk management gap is created as AI is embedded everywhere: productivity tools, SaaS platforms, developer libraries, cloud services, APIs, agents, and public-facing applications. The ever expanding adoption creates an invisible attack surface that security teams may not be equipped to manage. As part of the assessment, the risk manager needs to consider that AI usage exists far beyond any centrally managed systems. The invisible attack surface grows as shadow AI software is installed, and as forgotten test deployments, browser extensions, and externally exposed services quietly expand beyond the organization’s perimeter. These hidden attack paths bring to light risks that are not present on a single asset, but span the applications, agents, and identities that use the AI products and services. The AI products are deeply interconnected and are often overprivileged or misconfigured. With each interaction, more data is exposed to leakage, often without proper guardrails to protect sensitive intellectual property, customer data, and internal knowledge.
The actions of a normal, well-meaning user can become a high-impact exposure. The AI risk doesn’t emerge in one place, but across the user’s exposure footprint. The widgets in this dashboard give the security team a view into this hidden path and enable the management of this hidden risk instead of leaving the team reacting to symptoms. The dashboard provides 4 avenues to expose the hidden threats. The first leverages Nessus plugin 196906 (AI/LLM Software Report), which consolidates browser extensions that users can install without any elevated permissions, for example ChatGPT for Google. The second avenue uses informational plugins, such as 233770 (Ollama Installed), which detect applications that have been installed by a user or by other packages. The third avenue identifies known vulnerabilities related to AI software detected by Nessus, Nessus Network Monitor, and Web App Scanner. The final avenue searches for Model Context Protocol (MCP), an open-source standard for connecting AI applications to external systems.
Tenable Security Center enables the discovery of AI across the organization and delivers a risk-aware view of where AI is present, how it is used, and where exposure exists. As the security operations team begins to discover AI usage across the environment, the risk management team can establish a compliant AI adoption strategy that eliminates blind spots and monitors how employees interact with GenAI and autonomous agents. The dashboard helps to raise risk awareness and protect AI workloads and agents by reducing AI risk and enabling the protection of the systems that power AI, closing the exposure gaps. With heightened awareness, the risk management team is able to recommend policy changes that better govern AI usage, enable secure and compliant AI adoption in the organization, and reduce data exposure and misuse without slowing innovation or productivity.
Components
- AI/LLM Exposure - Vulnerabilities By Subnet: This chart provides a high level view of the at risk networks with AI software vulnerabilities detected with Nessus and Web Application Scanner.
- AI/LLM Exposure - Assets with AI Software Installations: This table provides a list of assets with AI software installed across the organization detected with Nessus and Web Application Scanner.
- AI/LLM Exposure - Assets with AI Software Vulnerabilities: This table provides the most vulnerable Assets with AI software detected with Nessus and Web Application Scanner.
- AI/LLM Exposure - Discovery Analysis: This widget provides summary counts of AI/LLM software in use by leveraging the Nessus plugin family Artificial Intelligence to detect AI/LLM usage in 3 ways: AI application detections, AI software vulnerabilities, and AI software detected by Web App Scanner. The first column provides an asset count based on the detection method (Nessus or WAS). The next two columns provide the finding count for detection plugins and for vulnerability plugins. By combining all methods of data collection, risk managers are able to identify problem areas and other risks associated with AI/LLM.
- AI/LLM Exposure - Vulnerability Trending: This widget provides historic counts of AI/LLM software used by leveraging Nessus and Web Application Scanner to detect AI/LLM vulnerabilities. The trendlines are based on the severity levels, plugin family Artificial Intelligence, and last seen date.
- AI/LLM Exposure - Assets with AI/LLM Software Reports: Tenable Security Center utilizes advanced detection technologies in the Nessus plugin AI/LLM Software Report (196906) to surface AI software, libraries, and browser extensions. Risk managers use this widget to begin a comprehensive review of the AI/LLM packages on systems and in web applications, along with their associated vulnerabilities, mitigating the risks of exploitation, data leakage, and unauthorized resource consumption. The widget lists the affected assets found to be vulnerable to AI-based vulnerabilities.
- AI/LLM Exposure - Model Context Protocol (MCP): Tenable provides two fundamental detections: MCP-based Server-Sent Events (SSE) endpoints and MCP JSON configuration files. The SSE detection plugin enables the organization to maintain visibility into its AI infrastructure by identifying servers that provide tools, prompts, and data resources to Large Language Models (LLMs). The MCP configuration plugins scan the asset to identify configuration files associated with the MCP system. This component presents both the Nessus and the WAS MCP detections.
- AI/LLM Exposure - Software Known to Nessus: This table provides the most prevalently installed AI software across the organization detected with Nessus and Web Application Scanner. The widget filters on the plugin family Artificial Intelligence and informational severity; this pattern presents findings that focus on the detection of AI software, not on vulnerabilities.
- AI/LLM Exposure - Vulnerabilities Detected: This table provides the most vulnerable AI software used across the organization detected with Nessus and Web Application Scanner.
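The Discovery Analysis, Software Known to Nessus, and Vulnerabilities By Subnet widgets above all reduce to the same filtering logic: keep findings from the Artificial Intelligence plugin family, treat informational severity as a software detection and anything higher as a vulnerability, and then count assets, findings, or subnets per detection method. The script below is an added example that reproduces that logic over a constructed set of findings; it is not Tenable code and does not call the Security Center API. The plugin IDs 196906 and 233770 are the ones named on this page; every other plugin ID, asset address, and severity value is a constructed placeholder.

```python
"""Reproduce the dashboard's AI/LLM widget counts over constructed findings (added example)."""
from collections import Counter, defaultdict
import ipaddress

AI_FAMILY = "Artificial Intelligence"

# Constructed sample findings shaped like Security Center vulnerability records.
# 196906 and 233770 are the plugin IDs named in the page; "PLACEHOLDER-*" IDs are made up.
SAMPLE_FINDINGS = [
    {"asset": "10.0.1.15", "source": "Nessus", "plugin_id": 196906,
     "plugin_name": "AI/LLM Software Report", "family": AI_FAMILY, "severity": "Info"},
    {"asset": "10.0.1.15", "source": "Nessus", "plugin_id": 233770,
     "plugin_name": "Ollama Installed", "family": AI_FAMILY, "severity": "Info"},
    {"asset": "10.0.1.22", "source": "Nessus", "plugin_id": 233770,
     "plugin_name": "Ollama Installed", "family": AI_FAMILY, "severity": "Info"},
    {"asset": "10.0.1.22", "source": "Nessus", "plugin_id": "PLACEHOLDER-VULN-1",
     "plugin_name": "Constructed AI software vulnerability", "family": AI_FAMILY, "severity": "High"},
    {"asset": "10.0.2.5", "source": "Nessus", "plugin_id": "PLACEHOLDER-VULN-2",
     "plugin_name": "Constructed AI software vulnerability", "family": AI_FAMILY, "severity": "Critical"},
    {"asset": "app.example.test", "source": "WAS", "plugin_id": "PLACEHOLDER-WAS-DETECT",
     "plugin_name": "Constructed WAS AI detection", "family": AI_FAMILY, "severity": "Info"},
    {"asset": "app.example.test", "source": "WAS", "plugin_id": "PLACEHOLDER-WAS-VULN",
     "plugin_name": "Constructed WAS AI vulnerability", "family": AI_FAMILY, "severity": "Medium"},
    # A non-AI finding that every widget must ignore.
    {"asset": "10.0.1.30", "source": "Nessus", "plugin_id": "PLACEHOLDER-OTHER",
     "plugin_name": "Constructed unrelated plugin", "family": "General", "severity": "Info"},
]


def is_ai_finding(finding):
    """Widget filter: only the Artificial Intelligence plugin family counts."""
    return finding["family"] == AI_FAMILY


def is_detection(finding):
    """Informational severity = software detection; anything else = vulnerability."""
    return finding["severity"] == "Info"


def discovery_analysis(findings):
    """Per detection method: distinct assets, detection findings, vulnerability findings."""
    assets = defaultdict(set)
    counts = defaultdict(lambda: {"detections": 0, "vulnerabilities": 0})
    for f in filter(is_ai_finding, findings):
        assets[f["source"]].add(f["asset"])
        key = "detections" if is_detection(f) else "vulnerabilities"
        counts[f["source"]][key] += 1
    return {src: {"assets": len(assets[src]), **counts[src]} for src in assets}


def software_known(findings):
    """Most prevalent AI software: informational AI findings counted by plugin name."""
    names = Counter(f["plugin_name"] for f in findings
                    if is_ai_finding(f) and is_detection(f))
    # Sort by prevalence, then name, so the order is stable for reporting.
    return sorted(names.items(), key=lambda kv: (-kv[1], kv[0]))


def vulnerabilities_by_subnet(findings, prefix_len=24):
    """AI vulnerability findings grouped by network; hostnames (WAS targets) are skipped."""
    per_subnet = Counter()
    for f in filter(is_ai_finding, findings):
        if is_detection(f):
            continue
        try:
            addr = ipaddress.ip_address(f["asset"])
        except ValueError:
            continue  # not an IP literal, so no subnet to attribute it to
        network = ipaddress.ip_network(f"{addr}/{prefix_len}", strict=False)
        per_subnet[str(network)] += 1
    return dict(per_subnet)


if __name__ == "__main__":
    print("Discovery Analysis:", discovery_analysis(SAMPLE_FINDINGS))
    print("Software Known to Nessus:", software_known(SAMPLE_FINDINGS))
    print("Vulnerabilities By Subnet:", vulnerabilities_by_subnet(SAMPLE_FINDINGS))
```

Splitting the filter into `is_ai_finding` and `is_detection` mirrors the two filters the widgets apply (plugin family, then severity), which makes it easy to confirm that an asset counted under Software Known to Nessus is a detection rather than a vulnerability, and that assets with hostnames rather than IP addresses never appear in the subnet chart.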