Technology Integration
Important
Medium
80% Confidence
Cisco Reveals Enterprise AI Tool Usage Patterns and Security Risks via DNS Telemetry
Summary
Cisco analyzed generative AI tool usage via secure access and DNS telemetry, revealing ChatGPT dominance and malicious domain impersonation risks. The approach demonstrates network traffic monitoring for AI tool assessment, providing actionable methodology for security teams.
Key Takeaways
Cisco security team analyzed using Secure Access and Umbrella DNS data with Splunk at Cisco Live EMEA, finding ChatGPT had over 11,000 unique client queries, far exceeding other AI tools. Detected malicious domain clawbot[.]ai mimicking legitimate AI tool naming patterns, flagged by threat intelligence. Generative AI DNS queries constitute less than 5% of total enterprise queries.
Why It Matters
which may drive the industry to adopt similar methods to manage AI security risks. This capability reinforces Cisco's competitive advantage in network visualization and security monitoring....