XM Cyber has added AI exposure management features to its continuous threat exposure management platform, expanding coverage to include shadow AI, agent infrastructure and managed cloud AI services.
The update adds discovery and inventory capabilities for AI usage and related infrastructure, and extends attack path analysis to include AI resources and associated misconfigurations across hybrid environments.
Shadow AI
A core element of the release is visibility into unsanctioned use of AI services. XM Cyber says it can identify AI tool usage across browsers and installed applications, as well as Model Context Protocol (MCP) servers.
The discovery function covers public AI services including OpenAI, Claude, Cursor and Gemini. The goal is to help security teams see where AI tools appear in the environment and whether staff may be sharing company data with services outside approved controls.
The system can also flag AI resources configured with tools commonly used for data exfiltration, such as curl, wget and netcat. It checks for risky privileges, including sudo access and the presence of shell interpreters, both of which increase the impact of a compromised host.
MCP inventory
The release adds inventory for MCP servers, creating an automatic catalogue of configured MCP servers to help track agentic AI deployments.
MCP servers can sit alongside other components in AI development and operations, including tool integrations and data connectors. As AI deployments spread across central IT, engineering teams and business functions, asset inventory has become a growing focus for security teams.
Cloud AI services
The platform now covers managed cloud AI services, including AWS Bedrock, Google Cloud Vertex AI and Microsoft Azure OpenAI, extending visibility to AI development and training resources hosted in the cloud.
Managed AI services are typically governed through identity and access management, resource-based policies and service-specific permissions. Security teams have highlighted the difficulty of mapping these controls alongside traditional cloud infrastructure and on-premises systems.
Attack path mapping
XM Cyber is extending its Attack Graph Analysis to incorporate AI and MCP server exposures into attack path mapping. The platform is designed to show how exposures involving AI resources can chain with other weaknesses across a hybrid estate.
Attack path analysis is a common approach in exposure management, with vendors modelling routes from an initial foothold to high-value systems. XM Cyber positions the update as a way to include AI infrastructure in the same model organisations use for cloud and on-premises environments.
XM Cyber says this approach can highlight routes from internet-facing exposures to cloud AI models, and then to internal data stores and operational systems. The aim is a consolidated view of risk across the full environment, rather than separate tools for AI security.
Credential scanning
The update also introduces credential exposure detection focused on AI-related configuration. XM Cyber says it scans MCP configurations, environment variables and instruction files for hardcoded API keys and tokens.
Security teams have long treated embedded credentials as high risk because they can grant direct access to services without interactive authentication. AI projects can increase that risk due to rapid prototyping, use of third-party tools and configuration spread across code repositories and deployment pipelines.
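The kind of check described above, as an added illustration rather than XM Cyber's own scanner: it walks an MCP client configuration in the common `mcpServers` JSON layout (assumed) plus an instruction file, and reports hardcoded keys while ignoring `${VAR}` references. The sample config and token shapes are constructed for the example.

```python
import json
import re

# Constructed MCP client config: two servers embed secrets, the third uses a reference.
SAMPLE_MCP_CONFIG = json.dumps({
    "mcpServers": {
        "github": {"command": "npx", "args": ["-y", "@modelcontextprotocol/server-github"],
                   "env": {"GITHUB_TOKEN": "ghp_" + "A" * 36}},
        "search": {"command": "uvx", "args": ["search-server", "--api-key=sk-" + "b" * 40],
                   "env": {}},
        "files": {"command": "npx", "args": ["server-filesystem", "/srv/data"],
                  "env": {"FILES_TOKEN": "${FILES_TOKEN}"}},
    }
})

# Assumed token shapes, most specific first; the generic rule catches key=value pairs.
SECRET_PATTERNS = [
    ("github_pat", re.compile(r"\bghp_[A-Za-z0-9]{36}\b")),
    ("openai_key", re.compile(r"\bsk-[A-Za-z0-9_-]{20,}\b")),
    ("generic_secret", re.compile(
        r"(?i)(?:api[_-]?key|token|secret)\s*[=:]\s*['\"]?[A-Za-z0-9_-]{16,}")),
]


def find_secret(text, source):
    """Return one finding (with a redacted preview) for the first matching pattern."""
    for kind, pattern in SECRET_PATTERNS:
        m = pattern.search(text)
        if m:
            hit = m.group(0)
            return {"source": source, "kind": kind, "preview": hit[:8] + "..." + hit[-2:]}
    return None


def scan_mcp_config(config_text):
    """Scan the env block and command arguments of every configured MCP server."""
    findings = []
    for name, spec in json.loads(config_text).get("mcpServers", {}).items():
        for key, value in spec.get("env", {}).items():
            if isinstance(value, str) and not value.startswith("$"):  # skip ${VAR} refs
                f = find_secret(f"{key}={value}", f"mcpServers.{name}.env.{key}")
                if f:
                    findings.append(f)
        for i, arg in enumerate(spec.get("args", [])):
            f = find_secret(str(arg), f"mcpServers.{name}.args[{i}]")
            if f:
                findings.append(f)
    return findings


def scan_instruction_text(text, source="instructions"):
    """Line-by-line scan of an instruction or prompt file for embedded secrets."""
    return [f for n, line in enumerate(text.splitlines(), 1)
            if (f := find_secret(line, f"{source}:{n}"))]
```

Run against the sample config it reports the GitHub token in the `github` env block and the key passed as a command argument to `search`, and nothing for the `${FILES_TOKEN}` reference.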
Governance and compliance
XM Cyber is adding governance features that map AI deployments against regulatory and risk frameworks, including the EU AI Act and the NIST AI Risk Management Framework.
The platform can also detect configuration drift in AI server definitions between scans to identify unauthorised changes that alter the security posture of AI infrastructure.
As part of the update, XM Cyber says it also continuously validates whether AI infrastructure aligns with organisational security policies.
Research focus
The release builds on research by the XM Cyber Research Team into vulnerabilities and misconfigurations in cloud AI development services, including AWS Bedrock, Google Cloud Vertex AI and Azure OpenAI.
XM Cyber says its researchers mapped permissions and resource-based policies that, if mismanaged, can allow unauthorised access to proprietary models and sensitive training data. The company says it is incorporating those findings into its Attack Graph Analysis as part of its broader CTEM framework.
“Rapid AI adoption has created a dilemma for security leaders: innovate at speed, or maintain the controls needed to stay secure. Our new functionality eliminates this friction by enabling security teams to identify and remediate AI-related exposures before attackers can exploit them,” said Boaz Gorodissky, CTO and co-founder of XM Cyber.
“Our platform now identifies AI exposures as part of an integrated attack surface, and can map how they chain together with other exposures to create attack paths. Our customers believe these capabilities are fundamental to their ability to adopt AI safely, and we’re excited to deliver such business-critical functionality,” Gorodissky said.
XM Cyber, owned by Schwarz Group since 2021, says the new AI exposure management features are part of its ongoing expansion of CTEM coverage across cloud and on-premises environments.