Defender CSPM Expands AI Security Posture Management (AI-SPM) for Multi-Cloud and AI Models

Listen to this Post

Microsoft’s Defender CSPM has enhanced its AI Security Posture Management (AI-SPM) capabilities, extending support to additional cloud service providers and AI models. Key updates include:

✅ Google Vertex AI Models – Discovery of AI inventory, vulnerability assessment, attack path analysis, and remediation recommendations. (Preview available May 1)
✅ Azure AI Foundry & Custom Models – Full support for Meta Llama, Mistral, DeepSeek, and custom models. (Generally Available)
✅ New “Data and AI Security Dashboard” – Unified visibility into multi-cloud datastores and AI services, prioritized recommendations, and critical attack path analysis. (GA on May 1)

🔗 Read more: https://lnkd.in/diYPfAGw

You Should Know:

1. AI Inventory Discovery with Defender CSPM

Use the following PowerShell command to check AI model inventory in Azure:

Get-AzResource -ResourceType "Microsoft.MachineLearningServices/workspaces/models" 

For Google Vertex AI (via GCP CLI):

gcloud ai models list --region=us-central1 

2. Vulnerability Scanning for AI Models

Run a posture assessment in Defender CSPM:

az security assessment create --name "AI-Model-Vulnerability-Scan" --resource-id <model_resource_id> 

3. Attack Path Analysis

Extract attack paths using KQL in Microsoft Sentinel:

[kql]
SecurityIncident
| where ProviderName == “Defender CSPM”
| extend AttackPaths = parse_json(AttackPaths)
| project IncidentName, AttackPaths
[/kql]

4. Remediation Automation

Apply a security recommendation via Azure CLI:

az security task update --name <task_id> --status "Completed" 

5. Monitoring AI Models in Multi-Cloud

For AWS SageMaker models:

aws sagemaker list-models --query "Models[].ModelName" 

What Undercode Say:

AI Security Posture Management is critical as AI adoption grows. Defender CSPM now bridges multi-cloud AI security gaps, but manual verification remains essential. Key Linux/Windows commands for AI security: