Explore risks to pre-deployment generative AI artifacts

The Defender Cloud Security Posture Management (CSPM) plan in Microsoft Defender for Cloud helps you improve the security posture of generative AI apps by identifying vulnerabilities in the generative AI libraries that exist in your AI artifacts, such as container images and code repositories. This article explains how to explore and identify security risks for those applications.

Prerequisites

Identify containers running on vulnerable generative AI container images

The cloud security explorer can be used to identify containers that are running generative AI container images with known vulnerabilities.

  1. Sign in to the Azure portal.

  2. Search for and select Microsoft Defender for Cloud > Cloud Security Explorer.

  3. Select the Container running container images with known Generative AI vulnerabilities query template.

    Screenshot that shows where to locate the generative AI vulnerable container images query.

  4. Select Search.

  5. Select a result to review its details.

    Screenshot that shows a sample of results for the vulnerable image query.

  6. Select a node to review the findings.

    Screenshot that shows the details of the selected containers node.

  7. In the insights section, select a CVE ID from the drop-down menu.

  8. Select Open the vulnerability page.

  9. Remediate the recommendation.

Identify vulnerable generative AI code repositories

The cloud security explorer can be used to identify vulnerable generative AI code repositories that provision Azure OpenAI.

  1. Sign in to the Azure portal.

  2. Search for and select Microsoft Defender for Cloud > Cloud Security Explorer.

  3. Select the Generative AI vulnerable code repositories that provision Azure OpenAI query template.

    Screenshot that shows where to locate the generative AI vulnerable code repositories query.

  4. Select Search.

  5. Select a result to review its details.

    Screenshot that shows a sample of results for the vulnerable code query.

  6. Select a node to review the findings.

    Screenshot that shows the details of the selected vulnerable code node.

  7. In the insights section, select a CVE ID from the drop-down menu.

  8. Select Open the vulnerability page.

  9. Remediate the recommendation.