Posture Management

AI findings overview

Updated: June 19, 2025

posture-management findings ai

The AI Findings feature in the FireTail platform extends traditional API security by identifying issues and risks arising from interactions with large language models (LLMs). These findings help monitor the behavior of AI models and ensure outputs adhere to your organization’s safety, compliance, and data privacy standards.

What FireTail Detects

FireTail’s AI Findings help detect threats such as:

  • Leakage of sensitive or personally identifiable information (PII)
  • Exposure of cloud secrets or API keys in AI-generated responses
  • Toxic, harmful, or biased content generation
  • Jailbreak attempts and prompt injection vulnerabilities
  • Encoded payloads (e.g., Base64, hex) that may hide malicious data

Accessing AI Findings

To view AI-related security issues:

  1. Navigate to Posture Management
  2. Select the AI Findings tab

You’ll see a categorized view of all AI-related findings, including severity levels, status, tags, model metadata, and detection source.

Filters

Use the filter functionality to narrow down AI findings based on specific criteria:

Add Filter

  1. Click Add Filter
  2. Select a field from:
    • Finding App
    • Finding Action
    • Event
    • Finding Code
    • Finding Type
    • Severity
    • Status
    • Framework
    • Collection Version
    • Resources
    • CVE ID
    • CWE ID
    • CVSS Score
    • Tags
  3. Choose an operator
  4. Enter a value
  5. Click Submit to apply the filter

Interval

Filter for findings generated within a selected time period.

Download Findings

Click Download to export a CSV file of the AI Findings for further analysis or reporting.

Finding Severity

Each AI Finding is tagged with a severity level to help prioritize risk:

  • Information
  • Low
  • Medium
  • High
  • Critical

Change Finding Severity

  1. Click the appropriate finding
  2. Use the Severity dropdown to select a new level
  3. Click Update on the confirmation screen

Finding Status

Each finding has a status to reflect how the issue is being handled:

  • Open – Active and requires review
  • Remediated – Issue has been resolved
  • Ignored – Deemed non-actionable
  • Risk Accepted – Acknowledged but intentionally unaddressed
  • False Positive – Incorrectly flagged by the system

If you mark a finding as Risk Accepted, Ignored, or False Positive, it will not be re-triggered. If marked as Remediated, it will reappear if detected in a future scan.

Change Finding Status

  1. Click the Status dropdown
  2. Select a new status
  3. Click Update on the confirmation screen

View Finding Details

Click on an individual finding to see more information, including:

  • Tags
  • Date of detection
  • Model
  • Related logs
  • Remediation suggestion

Remediation Guidance

Review each finding in the context of your business and security needs.

Need help?

Contact FireTail support

Previous (Posture Management - Findings)
Findings overview
Next (Posture Management - Incidents)
Incidents