AI Security

AI Governance

Track your organization's AI security maturity across three pillars: Protect, Utilize, and Govern.

Run Assessment Tool Inventory

Loading dashboard…

AI Security Maturity Stage

SANS AI Security Maturity Model

1Unaware

2ReactiveYOU

3Defined

4Managed

5Optimizing

Stage 2: Reactive

AI security is addressed on an ad-hoc basis. Incidents prompt responses but no systematic approach is in place.

Advance to Stage 3

PROTECT

2.4/5

4 controls active

View details

UTILIZE

3.1/5

AI in SAST/DAST

View details

GOVERN

1.8/5

1 policy active

View details

Next Steps to Stage 3 — Defined

3 actions

Establish AI tool approval processcritical

Define a lightweight approval workflow for new AI tools before they enter your environment.

GovernLow effort

Inventory all AI tools in usehigh

Catalog every AI tool currently in use, including shadow IT. Start with engineering and product teams.

GovernLow effort

Apply data classification to AI inputshigh

Ensure sensitive data categories are not sent to external AI models without explicit approval.

ProtectMedium effort

Start with "Establish AI tool approval process" — create action plan

Shadow IT Detected

3 AI tools in use without formal approval.

Review now

AI Tool Inventory

View all →

Approved5

Under Review4

Shadow IT3

Active Policies

3 policies

AI Tool Acceptable Use Policy

govern

active

AI Data Handling Guidelines

protect

draft

AI Model Output Review Process

utilize

draft