Shadow-AI Prevention

Employees often use private accounts for tools like ChatGPT to make their work easier. In the process, corporate data flows uncontrolled into public models.

Your Strategy

Bans alone do not help. Offer an attractive, secure internal alternative and use technical controls (CASB, DLP) to prevent the outflow of data to non-approved AI tools.

Best Practices

  • Governance: Establish a clear AI policy governing the handling of company data.
  • Monitoring: Use cloud security gateways (CASB) to gain visibility into which AI services employees actually use.
  • Education: Educate employees about the risks of public AI models.
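The gateway logic the strategy above calls for, as an added illustration that is not the page's own code nor any product's: a minimal CASB/DLP-style egress decision that lets sensitive content reach only the sanctioned internal assistant, blocks it on the way to public models, and logs everything else for visibility. Hostnames, label words and the sample requests are assumptions.

```python
import re

# Hypothetical hostnames (assumptions, not from the page): the sanctioned internal
# assistant, and public AI services whose use via private accounts is out of policy.
APPROVED_AI_HOSTS = {"assistant.corp.example"}
PUBLIC_AI_HOSTS = {"chatgpt.example", "public-llm.example"}

# Constructed stand-ins for DLP classifiers: a sensitivity-label marker and a
# card-number shape, the latter confirmed with a Luhn check below so that
# arbitrary digit runs are not flagged.
LABEL_RE = re.compile(r"\b(Confidential|Internal Only|Restricted)\b", re.I)
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")

def luhn_ok(digits: str) -> bool:
    total, parity = 0, len(digits) % 2
    for i, ch in enumerate(digits):
        d = int(ch)
        if i % 2 == parity:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_sensitive(text: str) -> list[str]:
    """Kinds of sensitive content present in an outbound prompt or upload."""
    found = []
    if LABEL_RE.search(text):
        found.append("sensitivity_label")
    if any(luhn_ok(re.sub(r"\D", "", m)) for m in CARD_RE.findall(text)):
        found.append("payment_card")
    return found

def decide(host: str, body: str) -> tuple[str, list[str]]:
    """Egress decision for one request: allow, alert (log only) or block."""
    findings = find_sensitive(body)
    if host in APPROVED_AI_HOSTS:
        return "allow", findings  # sanctioned tool: data stays inside the tenant
    if host in PUBLIC_AI_HOSTS:  # public model: block if sensitive, else alert
        return ("block" if findings else "alert"), findings
    return ("block" if findings else "allow"), findings

# Constructed sample of requests as the gateway would see them: (host, body).
SAMPLE_REQUESTS = [
    ("chatgpt.example", "Summarise this: Internal Only - Q3 revenue forecast"),
    ("chatgpt.example", "Write a haiku about autumn"),
    ("assistant.corp.example", "Confidential: draft a note on the reorg"),
    ("example.org", "Pay with card 4111 1111 1111 1111"),
]

def review(requests=SAMPLE_REQUESTS) -> list[str]:
    return [decide(host, body)[0] for host, body in requests]
```

The "alert" outcome is what makes the use of public AI services visible before any block is needed, which is the monitoring goal the best practices list states.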

STRIDE-LM Design Risks

  • Spoofing (S-01) - Identity Spoofing: Attacker impersonates a legitimate user or partner.
  • Tampering (T-01) - Data Tampering: Unauthorized modification of shared data or configurations.
  • Repudiation (R-01) - Audit Log Manipulation: Deleting or altering traces of an action.
  • Information Disclosure (I-01) - Sensitive Data Exposure: Unintentional disclosure of internal information to external parties.
  • Denial of Service (D-01) - Resource Exhaustion: Overloading systems through massive requests or resource hogging.
  • Elevation of Privilege (E-01) - Privilege Escalation: Gaining privileges beyond what is intended.
  • Lateral Movement (L-01) - Lateral Movement: Accessing further internal systems after initial login.
  • Monitoring Gaps (M-01) - Insufficient Logging: Missing or inadequate recording of security-relevant events.

MITRE ATT&CK® Techniques

Each technique is listed with its mitigations; every mitigation carries its protection tier and level in brackets, followed by its control-framework mappings.

Reconnaissance

  • T1592 Gather Victim Digital Network Information: Collecting information about the target infrastructure.
    Mitigated by:
      • Data Loss Prevention (DLP) [Baseline Protection, Medium] - CIS: 13.3; NIST: PR.DS-1
      • Output Content Filtering [Baseline Protection, Low] - NIST: AI-1.2; OWASP: LLM02

Initial Access

  • T1566 Phishing: Delivering malicious content via electronic communication.
    Mitigated by:
      • Conditional Access Policies [Baseline Protection, Medium] - CIS: 6.1; NIST: PR.AC-7; OWASP: API2
      • Output Content Filtering [Baseline Protection, Low] - NIST: AI-1.2; OWASP: LLM02
  • T1078 Valid Accounts: Exploiting existing credentials for access.
    Mitigated by:
      • Conditional Access Policies [Baseline Protection, Medium] - CIS: 6.1; NIST: PR.AC-7; OWASP: API2

Credential Access

  • T1539 Steal Web Session Cookie: Capturing active session tokens to bypass authentication.
    Mitigated by:
      • Conditional Access Policies [Baseline Protection, Medium] - CIS: 6.1; NIST: PR.AC-7; OWASP: API2
  • T1552 Credentials from Password Stores: Extracting passwords from web browsers or password managers.
    Mitigated by:
      • Output Content Filtering [Baseline Protection, Low] - NIST: AI-1.2; OWASP: LLM02

Collection

  • T1213 Data from Information Repositories: Accessing data from knowledge bases (SharePoint, Confluence).
    Mitigated by:
      • AI Usage Policies [Baseline Protection, Low] - CIS: 17.1; NIST: AI-Governance
      • Data Loss Prevention (DLP) [Baseline Protection, Medium] - CIS: 13.3; NIST: PR.DS-1
      • Tenant Restrictions [Extended Protection, Medium] - CIS: 6.1; NIST: PR.AC-3
      • Sensitivity Labels (Purview) [Extended Protection, High] - CIS: 13.2; NIST: PR.DS-1

Exfiltration

  • T1567 Exfiltration Over Web Service: Data leakage via legitimate web interfaces.
    Mitigated by:
      • AI Usage Policies [Baseline Protection, Low] - CIS: 17.1; NIST: AI-Governance
      • Data Loss Prevention (DLP) [Baseline Protection, Medium] - CIS: 13.3; NIST: PR.DS-1
      • Tenant Restrictions [Extended Protection, Medium] - CIS: 6.1; NIST: PR.AC-3
      • SIEM Integration [Extended Protection, High] - CIS: 8.5; NIST: DE.AE-3; NIST: DE.CM-1; OWASP: A09:2021
      • Sensitivity Labels (Purview) [Extended Protection, High] - CIS: 13.2; NIST: PR.DS-1
  • T1020 Automated Exfiltration: Automated exfiltration of data via interfaces.
    Mitigated by:
      • AI Usage Policies [Baseline Protection, Low] - CIS: 17.1; NIST: AI-Governance
      • Bot Management & Anti-Scraping [Extended Protection, Medium] - CIS: 12.1; OWASP: A04:2021
      • Sensitivity Labels (Purview) [Extended Protection, High] - CIS: 13.2; NIST: PR.DS-1
      • Output Content Filtering [Baseline Protection, Low] - NIST: AI-1.2; OWASP: LLM02

Is your scenario more complex?

AYSOLI experts support you in implementing your specific security requirements.
