OneTrust AI Governance
OneTrust offers AI Governance, a platform that automates compliance and provides continuous monitoring of the AI landscape, across the software lifecycle starting with any AI usage at the beginning of any build. It can detect policy violations, and which AI agents are running. It offers a series of third-party integrations such as Amazon’s Bedrock and Sagemaker; Azure Foundry, ML Studio, and OpenAI; Databricks Unity Catalog and ML flow; and Google Vertex. Its subscription price is based on the number of admin users and number of AI inventory records, although no specifics were provided.
Orca AI-SPM
Orca Security’s AI-SPM is tightly integrated into the company’s security platform. It continues to expand its features, offering detections of more than 50 AI models, including training data and runtime threats, remediation, and support for Model Context Protocol to connect to other Orca-based telemetry. It continues to expand its nearly 100 integrations across SIEM and SOAR systems and various cloud providers’ services. For example, it works with AWS S3, SQS, SNS, CodeBuild, CloudTrail, and Security Hub. It comes with dozens of best-practice security rules that initially focused on compliance. It also alerts when sensitive data is detected inside models and when secrets are exposed. Orca’s overall security platform shows an AWS Marketplace annual pricing that ranges from $84,000 to $360,000, depending on the number of workloads scanned.
Palo Alto Networks AIRS AI Security
Palo Alto Networks has been busy acquiring point security vendors (Dig, ProtectAI, and an offer on Portkey) and incorporating their code into its two major product lines, Prisma and Cortex. You can purchase AI-SPM functionality in either Palo Alto product line, but they cover different aspects of the AI ecosystem. Cortex offers AI-SPM alongside the data and cloud SPMs integrated into the CNAPP suite. Prisma offers AI-SPM as part of a total AI security package called AIRS AI Security, which includes runtime protection, model scanning, and a more comprehensive platform. We focus on AIRS AI, which supports top-level scans of Amazon, Google Cloud, and Azure AI services to discover AI content and can classify and examine model data and secrets and comes with many built-in AI-related policies. Prisma has a long list of third-party integrations, including significant depth in AWS security services. That link will also take you to detailed instructions on how to set up these integrations. To complicate matters further, Palo Alto also sells a separate Prisma secure browser extension that works with these products to protect your endpoints, and that originated from technology it purchased from Talon Cyber Security in 2023. While pricing was not disclosed, our estimate is that AIRS will cost in the low six figures annually.
