Updated on 2025-08-11 GMT+08:00

AI Risk Overview

Scenarios

AI Risk Overview displays the compliance status of your AI models in real time. It supports security risk operations for the data corpus, inference services, and the environment, so you can identify risks and potential threats to AI models in a timely manner. On the AI Risk Overview page, you can view your inference security, corpus security, and environment security.

  • Inference security: SecMaster analyzes WAF attack and access logs and displays the number of API calls, the number of API calls that match protection policies, the domain names of the top 5 inference models matching protection policies along with the number of risks, the prompt injection attack distribution, and the inference model attack type distribution.
  • Corpus security: SecMaster analyzes DSC alarm logs and displays the corpus risk types and quantity, and the distribution of top 5 corpus risk assets.
  • Environment security: SecMaster analyzes its baseline checks, vulnerabilities, and alerts and displays the top 5 compliance check risks, top 5 vulnerability risks, top 5 alerts, and recent attacks in the current workspace.

Prerequisites

  • Inference security depends on Web Application Firewall (WAF). To use Inference Security in the AI Risk Overview module, ensure that you have a valid cloud WAF edition in use. For details, see Buying a Cloud WAF Instance.
  • Corpus security depends on Data Security Center (DSC). To use Corpus Security in the AI Risk Overview module, ensure that the data security protection of AI models is within the validity period. For details, see Buying DSC.
  • You have integrated WAF attack logs, WAF access logs, and DSC alarm logs on the SecMaster console. For details about how to access cloud service logs, see Enabling Log Access.
  • Only the SecMaster professional edition supports this function.

Viewing the AI Risk Overview

  1. Log in to the SecMaster console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
  4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.

    Figure 1 Workspace management page

  5. In the navigation pane on the left, choose Situation Awareness > AI Risk Overview.
  6. On the AI Risk Overview page, you can view the following information.

    Table 1 Parameters on the AI Risk Overview page

    Module

    Parameter

    Description

    Statistics period

    Statistics Period

    You can select or customize a time range to check the risk overview. The options are as follows:

    • Last 24 hours
    • Last 3 days
    • Last 7 days
    • Last 30 days
    • Custom: You can customize the start time and end time.

    Inference Security

    Inference Security

    The Inference Security module displays the risk operation results of the AI model inference service within the specified statistical period.

    • Total Requests: the total number of requests for AI models in WAF request logs.
    • Hit Protection Policies: the total number of prompt injection attack, prompt content compliance, and response content compliance alerts identified in WAF attack logs.
    • Prompt Injections: the total number of prompt injection attacks identified in WAF attack logs.
    • Prompt Content Compliance Risks: the total number of prompt content compliance alerts identified in WAF attack logs.
    • Response Content Compliance Risks: the total number of response content compliance alerts identified in WAF attack logs.

    Request Trends

    Request Trends: displays Total Requests and Hit Protection Policies over time. The data is updated in real time. In this chart:

    • Total Requests: the number of requests for AI models in WAF request logs.
    • Hit Protection Policies: the total number of prompt injection attack, prompt content compliance, and response content compliance alerts in WAF attack logs.

    Top 5 Assets by Risks

    This chart displays the domain names of the top five inference models that hit protection policies most often, based on WAF attack logs. It also shows how many attacks or risks have been identified for each of these models.

    Prompt Injection Distribution

    This chart displays the number of prompt injection attacks by type, including jailbreak, prompt leakage, role playing, insecure command topics, insecure viewpoints, reverse inducement, inappropriate content, compliance violations, and personal data, based on WAF attack logs.

    LLM Attack Types

    This chart displays the number of prompt injection, prompt content compliance, and response content compliance alerts identified in WAF attack logs. Attacks are displayed by type.

    Corpus Security

    Top 5 Corpus Assets by Risks

    This chart displays the top 5 OBS buckets with the most alerts reported in DSC attack logs. The number of alerts is calculated by bucket ID.

    Text Risks by Category

    This chart displays the number of text risks reported in DSC attack logs. Text risks include personal privacy, content compliance, and source or copyright compliance violations.

    Environment Security

    Top 5 Compliance Checks

    This chart displays the top 5 non-compliant risks with the most affected assets.

    Top 5 Vulnerabilities

    This chart displays the top 5 vulnerabilities within the Statistical Period you specify in AI Risk Overview. Vulnerabilities with the same risk severity are sorted by vulnerability name.

    Top 5 Alerts

    This chart displays the top 5 alerts by the alert discovery time.

    Latest Attacks

    This chart displays attacks identified in the Statistical Period you specify in AI Risk Overview.

    Attacks are alarms reported by other security services configured for each defense layer in SecMaster. For details about the seven defense layers, see Overview.
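
To cross-check the Inference Security figures against raw logs, the following added example (not SecMaster or WAF code) recomputes the metrics as Table 1 defines them. The records are constructed samples, the field names `domain`, `category` and `subtype` are hypothetical and do not reflect the real WAF log schema, and it assumes attack logs may also contain categories outside the three AI protection policies.

```python
from collections import Counter

# Alert categories the page counts under "Hit Protection Policies".
POLICY_CATEGORIES = (
    "prompt_injection",
    "prompt_content_compliance",
    "response_content_compliance",
)

# Constructed sample records. Field names ("domain", "category", "subtype")
# are hypothetical and do not reflect the real WAF log schema.
ACCESS_LOGS = [{"domain": d} for d in (
    ["chat.example.com"] * 6 + ["api.example.com"] * 3 + ["img.example.com"]
)]
ATTACK_LOGS = [
    {"domain": "chat.example.com", "category": "prompt_injection", "subtype": "jailbreak"},
    {"domain": "chat.example.com", "category": "prompt_injection", "subtype": "prompt leakage"},
    {"domain": "api.example.com", "category": "prompt_injection", "subtype": "jailbreak"},
    {"domain": "chat.example.com", "category": "prompt_content_compliance", "subtype": None},
    {"domain": "api.example.com", "category": "response_content_compliance", "subtype": None},
    # Assumed non-AI alert: must not count as a protection policy hit.
    {"domain": "img.example.com", "category": "sql_injection", "subtype": None},
]


def inference_security_summary(access_logs, attack_logs, top_n=5):
    """Recompute the Inference Security figures from raw log records."""
    hits = [r for r in attack_logs if r["category"] in POLICY_CATEGORIES]
    by_category = Counter(r["category"] for r in hits)
    injections = [r for r in hits if r["category"] == "prompt_injection"]
    return {
        "total_requests": len(access_logs),
        "hit_protection_policies": len(hits),
        "prompt_injections": by_category["prompt_injection"],
        "prompt_content_compliance_risks": by_category["prompt_content_compliance"],
        "response_content_compliance_risks": by_category["response_content_compliance"],
        # Top N domains ranked by number of policy hits (ties keep first-seen order).
        "top_assets_by_risks": Counter(r["domain"] for r in hits).most_common(top_n),
        "prompt_injection_distribution": dict(Counter(r["subtype"] for r in injections)),
        "llm_attack_types": dict(by_category),
    }


if __name__ == "__main__":
    for key, value in inference_security_summary(ACCESS_LOGS, ATTACK_LOGS).items():
        print(f"{key}: {value}")
```
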