Listen to this Post
Microsoft’s Defender CSPM has enhanced its AI Security Posture Management (AI-SPM) capabilities, extending support to additional cloud service providers and AI models. Key updates include:
✅ Google Vertex AI Models – Discovery of AI inventory, vulnerability assessment, attack path analysis, and remediation recommendations. (Preview available May 1)
✅ Azure AI Foundry & Custom Models – Full support for Meta Llama, Mistral, DeepSeek, and custom models. (Generally Available)
✅ New “Data and AI Security Dashboard” – Unified visibility into multi-cloud datastores and AI services, prioritized recommendations, and critical attack path analysis. (GA on May 1)
🔗 Read more: https://lnkd.in/diYPfAGw
You Should Know:
1. AI Inventory Discovery with Defender CSPM
Use the following PowerShell command to check AI model inventory in Azure:
Get-AzResource -ResourceType "Microsoft.MachineLearningServices/workspaces/models"
For Google Vertex AI (via GCP CLI):
gcloud ai models list --region=us-central1
2. Vulnerability Scanning for AI Models
Run a posture assessment in Defender CSPM:
az security assessment create --name "AI-Model-Vulnerability-Scan" --resource-id <model_resource_id>
3. Attack Path Analysis
Extract attack paths using KQL in Microsoft Sentinel:
[kql]
SecurityIncident
| where ProviderName == “Defender CSPM”
| extend AttackPaths = parse_json(AttackPaths)
| project IncidentName, AttackPaths
[/kql]
4. Remediation Automation
Apply a security recommendation via Azure CLI:
az security task update --name <task_id> --status "Completed"
5. Monitoring AI Models in Multi-Cloud
For AWS SageMaker models:
aws sagemaker list-models --query "Models[].ModelName"
What Undercode Say:
AI Security Posture Management is critical as AI adoption grows. Defender CSPM now bridges multi-cloud AI security gaps, but manual verification remains essential. Key Linux/Windows commands for AI security:
- Linux:
</li> </ul> <h1>Check running AI containers</h1> docker ps --filter "name=ai-model" <h1>Scan for exposed APIs</h1> nmap -sV --script=http-vuln-cve2023-1234 <AI_service_IP>
- Windows:
</li> </ul> <h1>List AI-related services</h1> Get-Service | Where-Object {$_.DisplayName -like "*AI*"} <h1>Check Defender CSPM alerts</h1> Get-MpThreatDetection | Where-Object {$_.Tags -contains "AI-SPM"}- Cross-Cloud AI Security:
</li> </ul> <h1>Use Steampipe for multi-cloud AI asset tracking</h1> steampipe query "select name, model_type from gcp_ai_model"
Always validate AI model permissions:
<h1>Azure RBAC check</h1> az role assignment list --assignee <ai_service_principal>
Expected Output:
A consolidated AI security dashboard with:
- Discovered AI models across Azure, GCP, and custom deployments.
- Prioritized vulnerabilities and attack paths.
- Automated remediation status logs.
🔗 Reference: Microsoft Defender CSPM Updates
References:
Reported By: Markolauren Defendercspm – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅Join Our Cyber World:
- Cross-Cloud AI Security:
- Windows:



