Wing Security announced today that it is now offering Free discovery and automatic control with paid tiers Over thousands of AI and AI-powered SaaS applications. This will enable companies to better protect their intellectual property (IP) and data from the risks of growing and evolving use of artificial intelligence.
SaaS applications seem to be growing every day, and so do their integrations of AI capabilities. According to a study of more than 320 companies by SaaS security company Wing Security, a staggering 83.2% of companies use GenAI applications. While this statistic may not come as a surprise, research shows that 99.7% of organizations use SaaS applications that leverage AI capabilities to deliver services. The use of GenAI in SaaS applications that are not “pure” AI is often overlooked by security teams and users.
70% of the most popular GenAI applications may use your data to train their models, and in many cases it’s entirely up to you to configure it in different ways.
when eBy examining hundreds of SaaS applications that use artificial intelligence, Wing Security is able to classify the different ways these applications use organizational data and provide solutions for this new threat:
Data storage: In some cases, AI stores data for long periods of time; in other cases, it only stores it for short periods of time. Storing data allows AI learning models and future models to continuously train them. That said, the main concern is to consider the many different types of attacks that occur on SaaS applications. When an application is compromised, the data it stores may also be compromised.
Model training: By processing large amounts of information, AI systems can identify patterns, trends and insights that humans cannot analyze. Through machine learning algorithms, artificial intelligence models learn from data and adjust over time, improving their performance and accuracy to provide better services to end users. The downside is that allowing these models to learn your coding, patents, sales, and marketing knowledge provides applications using artificial intelligence with a potential means of commoditizing your organization’s competitive advantage.For some, these knowledge breaches are considered more important than data breaches
Human factors: Some AI applications utilize human verification to ensure the accuracy and reliability of the data they collect. This collaborative approach, often referred to as “human-in-the-loop” or “human-assisted artificial intelligence,” involves integrating human expertise into algorithmic decision-making processes. This improves the accuracy of AI models, but also means that people working on GenAI applications are exposed to potentially sensitive data and expertise.
Leveraging Automation to Address AI-SaaS Risks
Wing’s recently announced AI solutions ensure security teams can better adapt to and control the growing and nearly unstoppable use of AI in their organizations. Their solution follows three basic steps—understand, evaluate, control.
Know: As with many security risks, the first step is to discover them all. When it comes to artificial intelligence, it’s not enough to just label the “usual suspects” or pure GenAI applications like ChatGPT or Bard. There are now thousands of SaaS applications using artificial intelligence to improve their services, and discovery must include any application that leverages customer data to improve its models. Like previous solutions, Wing will offer this first and essential step as a free self-service solution for users to onboard themselves and start discovering the scale of AI applications used by their employees.
Evaluate: Once a SaaS using AI is discovered, Wing automatically provides a security score and details how the AI uses company data: How long is it stored? Is there a human factor? Perhaps most importantly, is it configurable? Provides a detailed view of your application’s users, permissions, and security information. This automated analysis enables security teams to make more informed decisions.
control: Wing’s findings and analysis pinpoint the most critical issues that need to be addressed, allowing security teams to easily understand the level of risk and the type of action required. For example, deciding whether an application should be allowed to use, or simply configuring an AI element to better match its security policy.
The Secret: Automate All of the Above
By automating discovery, assessment, and control, security teams can save time focusing their efforts instead of trying to address a large and ever-changing attack surface. Subsequently, this significantly reduces risk.
Wing’s automated workflows also enable unique cross-organizational solutions: By allowing users to communicate directly with application administrators or users, Wing prompts smarter security solutions and a stronger inclusive security culture, while Not a simple blacklist or whitelist.
In an era of ubiquitous SaaS applications, their integration with artificial intelligence poses new challenges. On the one hand, the use of artificial intelligence has become an important tool for improving productivity, and employees should be able to take advantage of it to reap many benefits. On the other hand, as SaaS applications’ reliance on artificial intelligence continues to proliferate, the potential risks associated with data usage become more apparent.
Wing Security addresses this challenge by introducing a new approach designed to enable organizations to navigate and control the ongoing use of AI in their operations, while engaging end users and ensuring they have access to the AI-SaaS they need, Safety. Their automation control platform provides a comprehensive understanding of how AI applications leverage organizational data and expertise, addressing issues such as data storage, model training, and human factors in the AI cycle. Security teams can save valuable time due to clear risk prioritization and user engagement.
