XM Cyber has expanded its Continuous Exposure Management Platform with new capabilities that help organizations adopt artificial intelligence more securely. With this move, the company aims to remove a growing barrier for enterprises that want to innovate quickly but also need to reduce cyber risk across increasingly complex environments.
As AI adoption accelerates, many organizations are integrating AI tools, cloud services, and agentic systems into everyday workflows. However, this rapid rollout also introduces fresh security blind spots. In many cases, security teams struggle to see how AI-related exposures connect with broader attack paths across cloud, on-premises, and hybrid infrastructure. XM Cyber is addressing that challenge by adding new functionality designed to reveal, validate, and prioritize AI risks before threat actors can exploit them.
“Rapid AI adoption has created a dilemma for security leaders: innovate at speed, or maintain the controls needed to stay secure. Our new functionality eliminates this friction by enabling security teams to identify and remediate AI-related exposures before attackers can exploit them,” said Boaz Gorodissky, CTO and Co-Founder of XM Cyber. “Our platform now identifies AI exposures as part of an integrated attack surface, and can map how they chain together with other exposures to create attack paths. Our customers believe these capabilities are fundamental to their ability to adopt AI safely, and we’re excited to deliver such business-critical functionality.”
With these enhancements, XM Cyber is closing what it describes as the AI exposure gap. More importantly, the platform now focuses on three major pillars of AI security.
First, it delivers comprehensive AI attack surface visibility. This includes Shadow AI Discovery, which gives organizations a real-time view of AI tool usage across browsers, installed applications, and MCP servers. As a result, security teams can continuously identify the use of public AI platforms such as OpenAI, Claude, Cursor, and Gemini. This visibility helps organizations spot unsanctioned usage and determine whether sensitive corporate data is flowing into unapproved tools. In addition, the platform detects AI resources configured with data exfiltration utilities such as curl, wget, and netcat, as well as risky privileges like sudo access and shell interpreters. It also provides an MCP Server Inventory and deeper cloud AI visibility across AWS Bedrock, Google Cloud Vertex AI, and Microsoft Azure OpenAI.
Second, XM Cyber strengthens validated AI attack path mapping. Through its Attack Graph Analysis™, the platform now extends visibility into in-application AI and MCP server exposures. Consequently, security teams can understand how weaknesses in AI development or training environments may connect with other exposures to create full attack paths. The company says this capability allows teams to trace risks from internet-facing assets to cloud AI models, and further into on-premises databases and industrial systems. The platform also scans MCP configurations, environment variables, and instruction files for hardcoded API keys and tokens that may enable unauthorized access.
Third, the platform improves AI security governance and compliance. It now helps organizations align AI deployments with frameworks such as the EU AI Act and the NIST AI Risk Management Framework. At the same time, it detects configuration drift between scans and continuously validates whether AI infrastructure follows internal security policies.
The latest release is also backed by fresh research from the XM Cyber Research Team, which examined vulnerabilities and misconfigurations tied to cloud-based AI development services, including AWS Bedrock, GCP Vertex, and Azure OpenAI. According to the company, this research uncovered how complex permissions and resource-based policies can expose proprietary models and sensitive training data when left unmanaged.
By integrating these findings into its broader Continuous Threat Exposure Management framework, XM Cyber now enables organizations to see validated attack paths that include AI exposures across hybrid environments. Therefore, security teams can prioritize the issues that pose the greatest business risk and remediate misconfigured AI assets before attackers gain an opening. Overall, the launch strengthens XM Cyber’s position in helping enterprises secure AI adoption without slowing innovation.




