AI security AI security AI securityAI security AI security
- 1. 如何因應 AI 時代帶來的 資安挑戰 如何安全地應用 GenAI 的服務
- 2. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2024 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information © 2024 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information
- 3. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.
- 4. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information.
- 5. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. Conversational Chats Code Assistants & Generators Video & Image Generators Writing Assistants And more… 原生 AI 應用程式正在爆炸式增長 12,000+ 預計到 2030 年使用的 AI 應用程式。 Source: Pitchbook's Generative AI Emerging Space, Artificial Intelligence & Machine Learning Analyst Curated Vertical and SaaS Vertical AI 正在改變員工生產力
- 6. © 2024 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 55% 的員工在工作中使用 過未經批准的 GenAI 工具。 IOTW: Samsung employees allegedly leak proprietary information via ChatGPT Three separate employees have allegedly leaked information to the AI chatbot US House forbids staff members from using AI chatbot Microsoft Copilot House Office of Cybersecurity has deemed Microsoft Copilot a risk to users because of the threat of leaking House data to non-House approved cloud services. Microsoft accidentally exposes 38TB of internal data via GitHub repository 38 terabytes of internal data, including passwords, publicly accessible through a GitHub repository that Microsoft’s artificial intelligence research group uses Source: Salesforce 2023 影子 AI 應用程式 產生安全盲點 敏感數據洩漏 源於未經檢查的 GenAI輸入 和回應 惡意內容 來自 GenAI 回應 對用戶構成風險 隨著 GenAI 應用程式使用量的增加, 安全風險也隨之增加
- 7. © 2024 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. ChatGPT4 Enter your message to start a chat. This could be a question, a statement, or any other text. You Can you help me optimize the following code? import boto3 aws_access_key_id=‘ACCESS_KEY_ID_HERE’ aws_access_key_id=‘SECRET_KEY_ID_HERE’ aws_session_token=‘SESSION_TOKEN_HERE’#Optional, only needed if you are using temporary credentials #Create a session using your credentials session-botos3.Session( aws_access_key_id=aws_access_key_id, aws_secres_access_key=aws_secret_access_key, aws_session_token=aws_session_token#Remove if not using temporary credentials) E 員工在使用 GenAI 應用程式時可能會在不 知不覺中使用機密數據. 上傳的數據可用於訓練 AI 模型,可能會洩 露專有資訊或導致意外數據洩露. GenAI 應用程式需要嚴格審查數 據上傳
- 8. © 2024 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 具有 AI 驅動的第三方整合的互連 SaaS 生態系統會產生安全漏洞,使檢 測和控制複雜化。 這會導致安全漏洞和不遵守法規要求 的風險增加。 Weekly Team Meeting Ralph Duncan Good Morning. Welcome to this week’s team morning. First off, I’d like to congratulate everyone. All of our efforts and hard work has paid off. We reached our goal and sold $10 million the last quarter of 2024. Congratulations! Ralph Duncan We also closed a big deal in Canada last week. Everything’s looking good. Hyun-Jae, how’s our client in Japan? Su Hyun-Jae We’re experiencing little hiccups Ralph. The last time I talked to the Marketing Team they are coming up with solutions on how to solve this problem. They are looking into rebrand our Japan client. But I have to follow them up on that. Mitchel should get the details about an upcoming launch this Thursday. AI Meeting Assistant Notes Search Home My Conversations Groups General Marketing Product design Sales Support Direct Messages Steven Charlies James Folders Edit Record 未檢測到的 GenAI 外掛程式 可能會導致未經授權的數據 訪問
- 9. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 安全確保 GenAI 應用程式採用需要什麼 快速發展、功能強大的應用程 式可以輕鬆存取。 第三方 AI 外掛程式的 可視性和控制。 檢測許可權過高的外掛程式。 PASSWORDS SSN CREDIT CARD SECRETS AI 應用程式攝取非結構化 輸入並生成多樣化的輸出。 使用基於上下文感知 ML 的檢測器進行 精細數據控制。 能夠在 GenAI 回應中防範威脅。 全面的 GenAI 應用程式 目錄,保持同步。 AI 應用程式創建的自由化 導致了不安全應用程式的 蔓延。 PRODUCTIVITY CODE ASSISTANTS/GENERATORS WRITING ASSISTANTS PP AI 應用程式存儲、學習和 迭代數據。 了解哪些應用程式正在對 您的資料進行訓練 GenAI APP HIGH NO YES RISK ENCRYPTION MODEL TRAINING 挑戰 解決方案
- 10. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. Palo Alto 的做法:使用 AI Access Security 以實現 AI 的安全使用 AI 使用方式的即時可視性 查看使用了哪些 AI 應用程式以及由誰使用。 精細的數據保護 掃描共享的數據、金鑰和IP(專利權)。 強大的存取控制 阻止未經批准的應用程式,實施安全策略, 並抵禦威脅。 POint 3
- 11. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 步驟 1:AI 應用的可視性 Visibility App Access Controls Data Access Controls Security Controls Continuous Monitoring 瞭解不同使用案例中的 GenAI 應用 程式使用方式。 2000+ GenAI 應用程式的詳細目錄。 深入瞭解 60+ 應用程式屬性。
- 12. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 步驟 2:分類和應用程式存取控制 Visibility Data Access Controls Security Controls Continuous Monitoring App Access Controls 將應用程式分為 Sanctioned、 Tolerateed 和 Unsanctioned。 為每個使用案例獲得量身定製的可見 性和控制措施。 使用 OOTB (開箱即用) 最佳實踐策略設 置強大的應用程式存取控制。
- 13. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 步驟 3:數據存取控制 Visibility App Access Controls Security Controls Continuous Monitoring Data Access Controls 設置上下文內聯策略,以防止敏感數據洩 露到 GenAI 應用程式。 通過 Prisma Access 代理(Agent)和瀏 覽器整合進行終端用戶教育。 直接通過 Prisma Access Browser 查看 加密流量。 利用 LLM 支援的上下文感知 ML 模型, 對 300+ 種類別的數據進行分類。
- 14. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 步驟 4:安全控制 Visibility App Access Controls Data Access Controls Continuous Monitoring Security Controls 在 SaaS 服務中發現互連的 GenAI 應用 程式。 識別、監控和修復未經授權的 AI 機器 人。 檢測 GenAI 應用程式回應中的威脅(惡意 URL、檔案)。 監控和維護 GenAI 應用程式狀況以 確保合規性。
- 15. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 步驟 5:持續風險監控 Visibility App Access Controls Data Access Controls Security Controls Continuous Monitoring 查看各種 GenAI 應用類別的採用和使用 狀況。 提供 GenAI 應用程式使用方式、風險、 安全性和合規性的綜合報告。 用於加強 GenAI 應用程式安全控制的上下 文建議。
- 16. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. “雖然 AI 應用程式提高了我們 員工的工作效率,但它們也可能 帶來安全問題。AI Access Security 使我的安全團隊不僅 能夠全面瞭解 AI 應用程式,還 可以全面做到存取控制和持續監 控。” 米拉·拉賈維爾 Palo Alto Networks 首席資訊 官 Palo Alto Networks IT 參考案例 團隊 試圖... 主要成效 l 發現網路上的所有 GenAI 應用程式。 l 對現有和新興的 GenAI 應用程式進行分類。 l 防止敏感數據丟失。 l 指導最終使用者安全使用 GenAI。 ● 發現了 124 個 GenAI 應用程式,每周有 3 個新 應用程式。 ● 將應用程式分類為「已批准」(11 個)、」容忍 “(18 個)和”未批准“(95 個),並能夠自 動阻止新應用程式。 ● 實施了 12 個新的 DLP 策略,以保護敏感的原始 碼、金鑰、訪問token和憑證等資訊。
- 17. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2024 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. 隨時隨地即時防範威脅 © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. IoT/OT Devices Contractors Branch Campus SaaS Data Center Internet Public Cloud Hybrid Workers AI Apps 政策制定一次,隨處執行。使用 生成式人工智慧主動加強安全性 並防止中斷。 統一管理與營運 Strata Cloud Manager with built-in ADEM, AIOps and Copilot 使用機器學習和深度學習應用 於來自 70,000 多個客戶的豐 富資料,即時預防威脅。 AI 驅動的即時安全 透過一致的作業系統簡化安全 性。透過合適的建置保護每個 位置。 單一感測器,多種外形 種類 Precision AI Network Security Bundle IoT/OT Security Data Security Hardware Prisma Software
- 18. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. Home Mobile Campus Branch Employees Vertex AI Hugging Face Lightning AI Replicate WandB NLP Cloud Adobe Firefly Codeium Coveo Elai Hypotenuse Perplexity AI Sapling AI Swimm AI and more (2.5K+ AI related Apps today1 )… ChatGPT SageMaker Grammarly Copysmith 1.Estimated based on data from Tracxn.com Palo Alto Networks AI Access Security 保護員工對 Gen AI 的使用 Sanctioned Tolerated Unsanctioned PANW AI Access 支援安全的 AI 採用 即時的可視性 強大的存取控制 精細數據保護
- 19. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2023 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. © 2025 Palo Alto Networks, Inc. All rights reserved. Proprietary and confidential information. Thank You