>
    Discover Risks Posed by GenAI Apps by App Users
    Focus
    Download PDF
    Focus
    1. Home
    2. AI Access Security
    3. Discover Risks Posed by GenAI Apps
    4. Discover Risks Posed by GenAI Apps by App Users
    Download PDF
    AI Access Security

    App Users

    Table of Contents

    Discover Risks Posed by GenAI Apps by App Users

    Discover the risks posed by risky users accessing generative AI (GenAI) applications.
    1. Log in to Strata Cloud Manager.
    2. Select InsightsAI Access to view the AI Access Security Insights dashboard.
      This displays the top GenAI apps that risky users accessed to help narrow your focus.
    3. Click Review use case for the GenAI app Use Case associated with the GenAI app your risky users are accessing.
      The AI Access Security Insights dashboard displays the GenAI application accessed on your network by use case by default and displays the following high-level information about your top GenAI app users. Click on the user count o view the User Name or IP Address and the number of GenAI Applications that user accessed.
      • User Breakdown
        The provides a summary of the total number of users accessing any GenAI app associated with the selected GenAI use case. A breakdown is provided of how many users are accessing Sanctioned, Tolerated, and Unsanctioned applications.
        Click Total Users to view a list of all users accessing GenAI apps associated with the selected use case.
      • Users by GenAI Use Case
        This provides a summary of the total number of users accessing each individual GenAI app associated with the selected GenAI use case. The Sanctioned, Tolerated, and Unsanctioned GenAI apps are listed with the total user count for each individual app.
        Apply the User Count Sort By filter to sort GenAI apps from higher to lowest user count.
    4. Create a custom Security policy rule to control access to a GenAI application for specific users.
      For example, based on your investigation you discover that a large number of users are accessing the bing-ai-uploading GenAI app. While this is a Sanctioned GenAI, it's only sanctioned for a specific set of users within your organization. You can decide to write a policy rule to explicitly block access to users which shouldn't have access to this GenAI app to prevent misuse and a Security policy rule to explicitly allow access to users who are approved to access the GenAI app. Alternatively, you can write a policy rule to allow access for all users but implement data loss and threat prevention measures to prevent exfiltration of sensitive data and prevent threats such as malicious and phishing URLs, malicious files, or malware.

    © 2024 Palo Alto Networks, Inc. All rights reserved.