The adoption of generative AI (GenAI) in enterprises leads to unmanaged risks termed shadow AI, resulting in data exposure and compliance issues. Statistics show significant traffic originating from popular GenAI tools like ChatGPT and Cursor AI. Organizations need improved visibility and security controls to manage these risks effectively.
Affected: enterprises, employees, IT teams, security teams
Key points:
- Unmanaged risks associated with the rapid adoption of GenAI are termed shadow AI.
- Security and IT teams face challenges due to lack of visibility and policy enforcement.
- 76% of GenAI network traffic comes from Cursor AI, Microsoft Copilot, and OpenAI’s ChatGPT.
- Cato Networks announced new GenAI security controls during SASEfy 2025.
- Shadow AI usage is on the rise, requiring enhanced oversight to prevent data exposure and compliance violations.
- Real-world incidents of careless GenAI tool use have resulted in financial losses and sensitive data leaks.
MITRE Techniques:
- TA0011 – Identify and Categorize: Organizations need to detect and categorize GenAI tools in use.
- TA0040 – Continuous Monitoring: Continuous monitoring of GenAI usage is crucial for identifying and mitigating risks associated with data exposure.
- TA0013 – Data Protection: Correct policies must be enforced to protect sensitive information shared with GenAI apps.
Indicators of Compromise:
- [Domain] cursorai.com
- [Domain] chatgpt.com
- [Domain] openai.com
- [Domain] microsoft.com
- [URL] https://www.catonetworks.com
Full Story: https://www.catonetworks.com/blog/cato-ctrl-inside-shadow-ai/