AIShield - AI Security Monitoring for Microsoft Sentinel

Solution: AIShield AI Security Monitoring

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Attribute	Value
Publisher	AIShield
Support Tier	Partner
Support Link	https://azuremarketplace.microsoft.com/marketplace/apps/rbei.bgsw_aishield_product/
Categories	domains
Version	3.0.1
Author	AIShield - AIShield.Contact@bosch.com
First Published	2022-01-11
Last Updated	2025-03-06
Solution Folder	AIShield AI Security Monitoring
Marketplace	Azure Marketplace · Popularity: ⚪ Very Low (0%)

The AIShield AI Security Monitoring solution allows users to connect with AIShield custom defense mechanism logs with Microsoft Sentinel. It gives users more insight into their organization's AI assets security posturing and improves their AI systems security operation capabilities. AIShield.GuArdIan analyzes the LLM generated content to identify and mitigate harmful content, safeguarding against legal, policy, role based, and usage based violations.

Underlying Microsoft Technologies used:

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

a. Azure Monitor HTTP Data Collector API

Data Connectors
Tables Used
Content Items

Data Connectors

This solution provides 1 data connector(s):

AIShield

Tables Used

This solution uses 2 table(s):

Table	Used By Connectors	Used By Content
`AIShield_CL`	AIShield	Analytics, Workbooks
`Guardian_CL` 🔶	-	Analytics

🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. _s, _d, _b, _t, _g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.

Content Items

This solution includes 42 content item(s):

Content Type	Count
Analytic Rules	38
Workbooks	2
Parsers	2

Analytic Rules

Name	Severity	Tactics	Tables Used
AIShield - Image Segmentation AI Model extraction high suspicious vulnerability detection	High	-	`AIShield_CL`
AIShield - Image classification AI Model Evasion high suspicious vulnerability detection	High	-	`AIShield_CL`
AIShield - Image classification AI Model Evasion low suspicious vulnerability detection	High	-	`AIShield_CL`
AIShield - Image classification AI Model extraction high suspicious vulnerability detection	High	-	`AIShield_CL`
AIShield - Natural language processing AI model extraction high suspicious vulnerability detection	High	-	`AIShield_CL`
AIShield - Tabular classification AI Model Evasion high suspicious vulnerability detection	High	-	`AIShield_CL`
AIShield - Tabular classification AI Model Evasion low suspicious vulnerability detection	Medium	-	`AIShield_CL`
AIShield - Tabular classification AI Model extraction high suspicious vulnerability detection	High	-	`AIShield_CL`
AIShield - Timeseries Forecasting AI Model extraction high suspicious vulnerability detection	High	-	`AIShield_CL`
Guardian- Additional check JSON Policy Violation Detection	Informational	-	`Guardian_CL`
Guardian- BII Detection Policy Violation Detection	High	-	`Guardian_CL`
Guardian- Ban Topic Policy Violation Detection	Medium	-	`Guardian_CL`
Guardian- Block Competitor Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Blocks specific strings of text Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Code Detection Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Content Access Control Allowed List Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Content Access Control Blocked List Policy Violation Detection	Medium	-	`Guardian_CL`
Guardian- Content Safety Profanity Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Content Safety Toxicity Policy Violation Detection.	Low	-	`Guardian_CL`
Guardian- Gender Bias Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Input Output Relevance Policy Violation Detection	Informational	-	`Guardian_CL`
Guardian- Input Rate Limiter Policy Violation Detection	Informational	-	`Guardian_CL`
Guardian- Invisible Text Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Language Detection Policy Violation Detection	Informational	-	`Guardian_CL`
Guardian- Malicious URL Policy Violation Detection	Medium	-	`Guardian_CL`
Guardian- No LLM Output Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Not Safe For Work Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Privacy Protection PII Policy Violation Detection	High	-	`Guardian_CL`
Guardian- Racial Bias Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Regex Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Same Input/Output Language Detection Policy Violation Detection	Informational	-	`Guardian_CL`
Guardian- Secrets Policy Violation Detection	Medium	-	`Guardian_CL`
Guardian- Security Integrity Checks Prompt Injection Policy Violation Detection	High	-	`Guardian_CL`
Guardian- Sentiment Policy Violation Detection	Low	-	`Guardian_CL`
Guardian- Special PII Detection Policy Violation Detection	High	-	`Guardian_CL`
Guardian- Token Limit Policy Violation Detection	Informational	-	`Guardian_CL`
Guardian- URL Detection Policy Violation Detection	Informational	-	`Guardian_CL`
Guardian- URL Reachability Policy Violation Detection	Informational	-	`Guardian_CL`

Workbooks

Name	Tables Used
AIShield	`AIShield_CL`
GuardianDashboard	-

Parsers

Name	Description	Tables Used
AIShield	-	`AIShield_CL` (read)
Guardian	-	`Guardian_CL` (read)

Release Notes

Version	Date Modified (DD-MM-YYYY)	Change History
3.0.1	06-03-2025	Added new Analytic Rules. Added new Workbook GuardianDashboard.json. Added new Parser Guardian.yaml
3.0.0	15-01-2023	Added Entity Mapping and remove alertactics Column Name to Analytic Rules. Added new Analytic Rules and updated existing Analytic Rules and (AIShield) Parser.