Securing Shadow AI with Cortex Xpanse

Nov 04, 2025

The pace of artificial intelligence adoption presents an exhilarating, almost dizzying, spectacle. Organizations race to integrate these new capabilities, seeking the profound efficiencies and novel insights promised by this technological wave.

Yet, this very speed creates a critical blind spot - a domain of unseen risk for the security teams tasked with protecting the enterprise. This rapid, often decentralized, deployment of new technologies gives rise to what one might call Shadow AI: infrastructure spun up by developers and data scientists, operating beyond the purview of traditional security oversight.

Tools foundational to AI agent collaboration, like Anthropic's Message Control Protocol (MCP) servers, appear on the network, creating a new and unmanaged attack surface. As your organization embraces AI, can your security team truly see and secure the new infrastructure it is built upon?

The danger of this Shadow AI presents a real and immediate challenge. Consider a prime example of these hidden risks: the Anthropic MCP Inspector, a tool designed by developers for the essential work of testing and debugging the MCP servers that facilitate AI agentic workflows.

A critical vulnerability, identified as CVE-2025-49596, affects versions of the MCP Inspector below. An attacker exploiting this flaw could execute arbitrary commands on the server, a compromise that opens the door to installing backdoors, stealing proprietary data, or moving laterally across the corporate network.

The broader risk extends to the MCP servers themselves, which, when exposed, also present significant avenues for potential data exfiltration. The tools powering this new era of innovation can themselves become a gateway for attackers if left unmanaged and unseen.

From 'Shadow AI' to a managed asset. Cortex Xpanse provides immediate visibility into newly deployed AI infrastructure, like this automatically discovered Anthropic MCP Server.

 

A problem of visibility demands a solution founded on discovery. To this end, Cortex Xpanse 2.11 now tackles this emerging threat with its new AI Infrastructure Detections feature.

Available in standalone Cortex Xpanse, Cloud ASM in Cortex Cloud, and ASM in Cortex XSIAM, this feature automatically discovers the AI-related infrastructure that previously constituted the Shadow AI blind spot, including both MCP servers and instances of the vulnerable Inspector. Few security programs have the ability to protect what they cannot see. Cortex Xpanse provides the foundational visibility that allows security teams to keep pace with the speed of innovation, ensuring no AI asset remains unknown or unmanaged.

Once Xpanse discovers a new, critical AI server on your network, how do you ensure its protection? This is the point where discovery becomes the critical input for a comprehensive exposure management program.

For the crucial AI assets that Xpanse uncovers, like these MCP servers, users of Cortex Exposure Management can take the next decisive step. They can proactively protect these systems by defining the specific security controls that should be in place, ensuring these new and vital assets become properly shielded by existing defenses. This capability allows an organization to build a robust and intentional security posture around its most innovative and valuable technologies.

The adoption of artificial intelligence offers an incredible opportunity, but it arrives with new and often hidden risks. Proactively securing this journey must begin with complete and continuous visibility. Cortex Xpanse provides that essential foundation, allowing you to discover and manage your AI attack surface.

We invite you to schedule a personalized demonstration to witness how complete visibility can illuminate your AI attack surface and bring Shadow AI under your control.

 

