
Securing AI Data Access in AWS Bedrock with Zscaler DSPM

Zscaler
03/20/2026

TL;DR

  • RAG-based AI applications can inadvertently expose sensitive data when knowledge bases include documents beyond their intended scope, allowing prompt injection attacks to extract confidential information.
  • Zscaler DSPM maps the complete access path from AI models to underlying data stores, identifying which sensitive data classifications each model can reach.
  • Proactive alerting notifies security teams when AWS Bedrock knowledge bases contain sensitive S3 data, with integration options for ticketing and automation workflows.
  • Future DSPM capabilities will address shadow AI detection for self-hosted AI workloads running outside managed cloud services like Bedrock or Azure AI Foundry.

RAG Architecture and Data Exposure Risks

This demonstration walks through building a customer-facing chatbot using AWS Bedrock and Anthropic's Claude model with Retrieval Augmented Generation (RAG). The fictional SafeMarch Home Appliances company uses RAG to augment LLM responses with product documentation stored in S3 buckets, enabling the chatbot to answer domain-specific questions about home appliances. However, the demo reveals a critical security gap: when a knowledge base inadvertently includes sensitive documents alongside intended content, users can craft prompts that extract confidential information—in this case, board resolutions detailing a $100 million acquisition plan that the model incorrectly attributes to the user manual.

DSPM Detection and Remediation Workflow

Zscaler DSPM's AI-SPM capabilities provide visibility into which AI models can access sensitive data and through what paths. The dashboard surfaces exposure by model and data classification type, allowing security teams to trace the access path from AWS Bedrock knowledge bases through to specific S3 objects containing regulated data like GLBA-classified financial statements. Beyond reactive investigation, DSPM generates proactive alerts when knowledge bases contain sensitive data, describing potential threats and enabling automated remediation through Jira tickets, ServiceNow integration, or custom workflows. The presenter previews upcoming coverage for shadow AI scenarios where organizations deploy AI workloads outside managed services.
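
The access-path tracing described above, sketched as an added example; it is not part of the original page and is not Zscaler's implementation. It walks model -> knowledge base -> S3 data source -> object and contrasts a knowledge base that ingests a whole bucket with one scoped to a manuals prefix. All model, knowledge base and bucket names, object keys and classification labels are constructed assumptions.

```python
# Added example: constructed data, not output from AWS Bedrock or Zscaler DSPM.
from collections import defaultdict

SENSITIVE = {"GLBA", "CONFIDENTIAL"}  # labels treated as out of scope (assumption)

# Model -> knowledge bases it retrieves from (hypothetical names).
MODEL_TO_KB = {"support-chatbot": ["kb-whole-bucket"],
               "support-chatbot-scoped": ["kb-manuals-only"]}

# Knowledge base -> S3 data sources; an empty prefix list means the whole bucket.
KB_SOURCES = {
    "kb-whole-bucket": [{"bucket": "safemarch-docs", "prefixes": []}],
    "kb-manuals-only": [{"bucket": "safemarch-docs", "prefixes": ["manuals/"]}],
}

# (bucket, key, classification) as a data classifier might report it.
INVENTORY = [
    ("safemarch-docs", "manuals/dishwasher-x200.pdf", "PUBLIC"),
    ("safemarch-docs", "manuals/oven-a10.pdf", "PUBLIC"),
    ("safemarch-docs", "board/acquisition-resolution.pdf", "CONFIDENTIAL"),
    ("safemarch-docs", "finance/q4-statement.xlsx", "GLBA"),
    ("safemarch-hr", "payroll/2025.csv", "CONFIDENTIAL"),
]

def in_scope(bucket, key, source):
    """True if the data source would ingest this object."""
    if bucket != source["bucket"]:
        return False
    return not source["prefixes"] or any(key.startswith(p) for p in source["prefixes"])

def exposure_paths(model):
    """List (model, kb, s3_uri, label) for each sensitive object the model can reach."""
    paths = []
    for kb in MODEL_TO_KB.get(model, []):
        for source in KB_SOURCES.get(kb, []):
            for bucket, key, label in INVENTORY:
                if label in SENSITIVE and in_scope(bucket, key, source):
                    paths.append((model, kb, f"s3://{bucket}/{key}", label))
    return paths

def exposure_by_label(model):
    """Group reachable sensitive objects by classification, as a dashboard would."""
    grouped = defaultdict(list)
    for _, _, uri, label in exposure_paths(model):
        grouped[label].append(uri)
    return dict(grouped)

if __name__ == "__main__":
    for model in MODEL_TO_KB:
        for path in exposure_paths(model):
            print(" -> ".join(path))
        print(model, exposure_by_label(model) or "no sensitive data reachable")
```

The unscoped knowledge base reaches both the board resolution and the GLBA-labelled statement, while the prefix-scoped one reaches neither; the payroll object in the second bucket is never on any path.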

Chapters

0:00 - Introduction and Use Case Overview
1:23 - RAG Architecture Explained
2:39 - Chatbot Demo and Data Extraction
4:13 - DSPM Dashboard Investigation
5:34 - Alert Configuration and Remediation
6:34 - Preview of Shadow AI Capabilities

Key Quotes

3:47 "So you can see here that it actually exposes information it's not supposed to. Specifically, it tells us that there is a top-secret document that outlines plans to acquire Acme Tech for 100 million US dollars by March 2026."
5:54 "A malicious user could submit a harmful prompt or query, enabling them to extract sensitive data from the model if it is not properly secured. And that's exactly what happened."
6:55 "It's one thing to use a managed AI service from AWS like Bedrock or from Azure like Azure AI Foundry. It's a different thing to deploy a virtual machine with some AI software running on it."