AI Access Security enables organizations to safely adopt GenAI
applications by employees by mitigating the risks posed by inadvertent data leakage in
prompts and malicious content in responses.
Where Can I Use This?
What Do I Need?
NGFW (Managed by Panorama or Strata Cloud Manager)
Prisma Access (Managed by Panorama or Strata Cloud Manager)
One of the following:
AI Access Security license
CASB-PA license
CASB-X license
Generative artificial intelligence (GenAI) applications are AI applications capable of
generating text, images, videos, and other forms of data in response to user prompts and
continuously learn based on user data inputs. Their usage is proliferating at an
astonishing rate and offer limitless opportunities for businesses. However, the nature
by which GenAI applications contentiously improve presents a new danger to businesses
and security administrators—how can you ensure your employees are not exposing sensitive
or proprietary data to GenAI apps?
Palo Alto Networks introduces AI Access Security to enable safe adoption of
GenAI applications across your organization by mitigating the risks posed by data
leakage in prompts and malicious content in responses. AI Access Security
offers an extensive dictionary of GenAI applications to help identify GenAI apps
alongside contextual, fine-grained access control policy rules to prevent exfiltration
of sensitive data. AI Access Security provides detailed monitoring
capabilities allowing you to filter for specific GenAI apps, users, GenAI use cases
allowing you to write targeted Security policy rules control what type of data is or
isn't allowed for specific GenAI applications used by your organization.
AI Access Security follows a set of core principals allowing your organization
to safely leverage GenAI apps while ensuring your sensitive or proprietary data isn't
exposed.
Learn how AI Access Security identifies and controls GenAI apps to enable
organizations to safely adopt GenAI applications.
AI Access Security provides robust tools to identify and control GenAI app
usage on your network. Hundreds of GenAI apps have been categorized and mapped with
AI-specific attributes to generate bespoke risk scores that empower InfoSec teams to
make informed decisions. What’s more, AI Access Security not only helps
businesses understand GenAI adoption and usage, it prevents sensitive data loss and
provides real-time threat detection for both sanctioned and shadow AI apps. Security
administrators can immediately improve risk posture while simultaneously empowering
users to securely harness the power of GenAI.
Attributes—AI Access Security provides a detailed description of the
GenAI app functionality and the attributes your security administrators use to create a
Web Security or Security policy rule and when AI Access Security calculates a GenAI app risk score.
Access Control—Create Web Security or Security policy rules to control access to
GenAI apps. You can control access to GenAI apps for:
User groups for sanctioned, unsanctioned, or tolerated GenAI apps. You can
also control GenAI app usage based on description, risk, or use case.
Block or allow specific functionality within a specific GenAI app or for a
category of GenAI apps.
Control access for GenAI app browser extensions, plugins, and custom
GPTs.
Enterprise Accounts and Custom GenAI Apps—You can sanction user group access to a
GenAI app when using an enterprise account while blocking access to publicly available
GenAI apps. Additionally, you can control user group access for custom GenAI apps that
have outbound internet access.
Comprehensive Visualization and Reporting
Learn how AI Access Security provides comprehensive visualization and
reporting capabilities to allow you to monitor GenAI app usage.
AI Access Security administration is managed entirely on Strata Cloud Manager
for a single pane of glass management experience across your security enforcement
channels includes a detailed dashboard with trends allowing you to filter and explore
usage based on users, data transfers, GenAI apps, and use cases across all channels.
AI Access Security provides a comprehensive dictionary of over 500 GenAI apps
and 60+ attributes to accurately discovers and monitor GenAI adoption, usage and risk.
Additionally, AI Access Security uses context-aware LLM-powered data
classificatin with over 300 classifiers to provide high accurate sensitive data
discovery capabilities.
AI Access Security includes support for persona-based access with the ability
to grant role-based access controls for administrators focused on setting policy or
mitigating risk.
Data Protection
Learn how AI Access Security secures GenAI app usage to enable
organizations to safely adopt GenAI apps.
AI Access Security provides data protection, posture management, and zero
trust security all in one solution across all your enforcement points. Enterprise DLP, Palo Alto Networks' cloud-based data loss prevention service that uses AI and
supervised machine learning algorithms, is the detection engine that fuels AI Access Security's ability to block exfiltration of sensitive data for file
and nonfile based traffic and text prompts. Enterprise DLP data patterns and data profiles specify the match criteria used
to determine whether traffic that matches a Web Security policy rule contains sensitive
data. You can create custom data patterns and profiles or use predefined data patterns and profiles to
detect personally identifiable information (PII), propriety source code, intellectual
property, customer data, and more.
AI Access Security also inspects responses from sanctioned and tolerated GenAI
apps to ensure threat actors don't gain access to your network or initiate an attack in
the event a GenAI application is compromised. AI Access Security inspects all
files, URLs, and code snippets returned by a GenAI in response to a user prompt for
sanctioned and tolerated GenAI apps.