AI Asset and MCP Details (Beta)


When you click an AI asset, Traceable displays a detailed view with key insights about the asset. This view helps you track your inventory in detail, understand how the asset is integrated and how it performs, and identify whether it is monitored or secured in your environment. Traceable organizes the detailed view page for each asset into tabs that let you gather in-depth insights and metrics, so that your security teams can evaluate the health, performance, and risks (if any) associated with an AI asset.

What will you learn in this topic?

By the end of this topic, you will be able to:

  • Identify AI assets on the All Assets page and navigate their detailed view.

  • Understand the information displayed for AI assets, such as AI APIs, MCP tools, and MCP servers.

  • Understand how to use the insights to improve security and reliability and to maintain compliance.


Identifying AI assets

The All Assets page provides a comprehensive view of all assets in your application. While Traceable provides a list of filters on the page, you can apply various AI filters to identify AI assets according to your requirements. Traceable provides the following filters that you can use to view such assets:

AI Asset Filters


  • Is AI Asset — Filters assets by whether they are AI-related, for example, AI APIs and MCP tools.

  • AI Model Types — Filters assets based on the type of AI model, for example, Google-gemini-pro and gpt-3.5-turbo.

  • AI Vendors — Filters assets based on the vendor providing the AI capability, for example, OpenAI and Google.

Once you have applied the necessary filters, Traceable displays the information on the page. You can click on an AI asset to view its details. The following sections highlight these details for each AI asset. You can use this information to gather insights and perform actions according to your requirements.


AI APIs and their details

The AI API details page is similar to the Endpoint Details page but highlights insights based on AI traffic. It displays the total requests, attack types, malicious behaviors, traces, and metrics so you can track how the AI endpoints are performing. You can view information, such as API details, the risk score associated with the API, requests, and other metrics.

AI Endpoint Details


This information helps you understand any unusual activity, such as sudden spikes or sensitive data flowing through requests. It also helps you validate the correct usage of API endpoints, troubleshoot performance issues, and prevent exposure of sensitive data. For more information on the details shown for an endpoint, see Endpoint Details.


MCP tools and their details

The MCP Tools details page provides information on how individual tools are operating within your MCP server. The following details are displayed for each MCP tool:

  • The Overview tab provides information, such as the associated MCP server, host, and the time the tool was created and last updated. It also displays the schema associated with the tool.

  • The Spans tab provides information on interactions with services, APIs, and backends, along with the request, response, and attributes in each span.

MCP Tools Detailed View


This information helps you understand whether the tool is reliable and working as expected, or whether it is introducing errors, delays, or dependencies. Using this information, you can keep your MCP tools aligned with your business requirements.


MCP servers and their details

The MCP Server details page provides a server-level view of your MCP infrastructure. It displays the list of MCP tools hosted on it, along with information such as the datatypes passing through each tool and the associated environment. You can click a tool to open its detailed view, which provides tool-specific information.

MCP Servers Detailed View


This hierarchy makes it easy for you to trace relationships between MCP tools and servers, manage distributed deployments, and quickly identify which server hosts the tools that an issue is coming from.


AI domains, services, backends, and their details

The detailed pages for AI backends, services, and domains are built on the existing infrastructure but display context based on AI-specific usage. On these detailed pages, Traceable displays activity trends, traffic volumes, and response times for the assets processing AI requests. This provides you with a detailed view of how your application infrastructure supports AI workloads. The page also highlights anomalies, such as misconfigurations, unauthorized access, or unusual traffic patterns.

Domains, Services, and Backends Detailed View


This information helps you and your security teams ensure that your AI infrastructure stays reliable and compliant.


Leveraging the AI asset details

These detailed views not only provide information but also help you act on it. You can use them to monitor activity trends, troubleshoot issues with spans and traces, and identify risks where sensitive data is flowing into the AI services. You can also use the details for audits and governance reviews, demonstrating accountability for AI usage in your organization.

Example

Consider a scenario where your team is preparing for an AI governance review. From an AI API details page, you can confirm which APIs are associated with the AI services. The MCP tool's detailed view page displays whether tools are restricted to specific environments. Similarly, the AI domains, services, and backends’ detailed view pages display whether any of these assets are serving production traffic outside compliance rules. These insights help you reduce security issues and ensure that AI adoption remains secure and compliant.