Tenable

6 STATS1 REPORTS

Reports

Cloud AI Risk Report 20256 stats

All Statistics

14% of organizations using Amazon Bedrock do not explicitly block public access to at least one AI training bucket

TenableCloud AI Risk Report 2025·Mar 19, 2025
Cloud SecurityAI SecurityData SecurityAmazon Bedrock

77% of organizations have the overprivileged default Compute Engine service account configured in Google Vertex AI Notebooks

TenableCloud AI Risk Report 2025·Mar 19, 2025
Cloud SecurityAI SecurityMisconfigurationGoogle Cloud

91% of Amazon SageMaker users have at least one notebook that, if compromised, could grant unauthorized access

TenableCloud AI Risk Report 2025·Mar 19, 2025
Cloud SecurityAI SecurityAccess ControlAmazon SageMaker

Approximately 70% of cloud AI workloads contain at least one unremediated vulnerability

TenableCloud AI Risk Report 2025·Mar 19, 2025
Cloud SecurityAI SecurityVulnerabilityRemediation

Tenable Research found CVE-2023-38545—a critical curl vulnerability—in 30% of cloud AI workloads

TenableCloud AI Risk Report 2025·Mar 19, 2025
Cloud SecurityAI SecurityVulnerabilityCVE-2023-38545

5% of organizations using Amazon Bedrock have at least one overly permissive bucket

TenableCloud AI Risk Report 2025·Mar 19, 2025
Cloud SecurityAI SecurityData SecurityAmazon Bedrock