Cloud security firm Wiz has published a detailed report about SAP security holes, now patched, that raises alarming questions about the secondary role AI efforts are having on cybersecurity defenses.
Cloud security firm Wiz has probed SAP defenses as part of its tenant isolation research on AI service providers, and on Wednesday published a lengthy list of shortcomings. SAP says that they fixed all of the problems before Wiz published.
Most deal with either a lack of meaningful segmentation or network components trusting other components without any authentication — a violation of the basic tenet of Zero Trust. Although AI played a minor role in the problems, some have pointed to the report as further evidence that the rush to GenAI deployments is undermining basic cybersecurity protections.
“We believe these (SAP) services are more susceptible to tenant isolation vulnerabilities because, by definition, they allow users to run AI models and …