Report by Tenable

Cloud AI Risk Report 2025

6 Findings · Published Mar 19, 2025

Key Findings

14% of organizations using Amazon Bedrock do not explicitly block public access to at least one AI training bucket

Tenable · Cloud AI Risk Report 2025 · Mar 19, 2025
Cloud Security · AI Security · Data Security · Amazon Bedrock

77% of organizations have the overprivileged default Compute Engine service account configured in Google Vertex AI Notebooks

Cloud Security · AI Security · Misconfiguration · Google Cloud

91% of Amazon SageMaker users have at least one notebook that, if compromised, could grant unauthorized access

Cloud Security · AI Security · Access Control · Amazon SageMaker

Approximately 70% of cloud AI workloads contain at least one unremediated vulnerability

Cloud Security · AI Security · Vulnerability · Remediation

Tenable Research found CVE-2023-38545—a critical curl vulnerability—in 30% of cloud AI workloads

Cloud Security · AI Security · Vulnerability · CVE-2023-38545

5% of organizations using Amazon Bedrock have at least one overly permissive bucket

Cloud Security · AI Security · Data Security · Amazon Bedrock