Create an AI rule

Cortex XSIAM 3.x Documentation

Product: Cortex XSIAM
Creation date: 2025-07-15
Last date published: 2026-06-16
Category: Administrator Guide

AI rules identify misconfigurations and security flaws across your organization's AI ecosystem. These rules detect risks associated with AI infrastructure, supply chains, and data models for services such as AWS Bedrock, Amazon SageMaker, Azure OpenAI, and GCP Vertex AI.

Perform these steps to create a custom AI rule:

  1. Navigate to Posture Management > Rules & Policies > Rules > Cloud Security.

  2. Click Create Rule > AI.

  3. In the Overview step, provide the following:

    1. Enter a Rule Name and Description.

    2. Select a Severity. Findings generated by this rule will inherit this severity.

    3. (Optional) Add Labels.

    4. (Optional) Enable Remediation using the toggle. In a later step, you'll enter the remediation instructions.

    5. (Optional) Associate this rule with a Compliance Control. Click Add, select one or more custom compliance controls from the list, and then click Assign. Custom configuration rules can only be associated with custom compliance controls.

    6. Click Next.

  4. In the Rule Logic step, use the query builder to define the detection criteria.

    1. Use the "Select" dropdown to choose an AI asset category, such as Dataset, AI Model, or Model Endpoint.

    2. Click WHERE to choose from the attributes of an asset. The list of attributes displayed varies, depending on the asset category you selected.

    3. Set conditions, building logical statements that use attributes specific to AI assets. For example, you can create a rule that flags AI models trained on sensitive data buckets or AI models that have public exposures.

    4. Click Search to see real-time results from your environment.

  5. Click Next to define Remediation instructions (if you turned on Enable Remediation in the Overview step), or click Done.

  6. (Optional) In the text field, define remediation actions or provide other information that will be included on issues created by this rule.

  7. Click Done to save your rule.