Third Party AI Assets

The AI Assets tab, under Third Party, provides a centralized view of external AI components and services discovered in your application environment. It helps you understand how third-party AI assets, such as AI APIs, MCP tools, prompts, resources, and servers, are being used, what sensitive data flows through them, and which integrations may require your attention.

Note

Third Party API monitoring depends on your deployment method. For information on the supported deployment setups, see Third Party Monitoring Support Matrix. Further, Third Party AI asset monitoring also depends on the deployment method. For information on the supported deployment setups, see AI Security Agent Support Matrix.

To view the AI Assets tab, navigate to Discovery → Third Party → AI Assets tab. In the page’s top-right corner, use the Environments drop-down to select the environment for which you wish to view the data.

What will you learn in this topic?

By the end of this topic, you will understand:

• The widgets displayed on the AI Assets tab.

• The insights available on the AI Assets tab.

• The way to identify sensitive data exposure across third-party AI assets.

• The way to improve external AI asset visibility and security posture.

Understand the third-party AI Assets view

The AI Assets tab displays widgets at the top to summarize the distribution, usage, and sensitive data exposure of external AI assets across your environment(s). These widgets help you assess AI integration visibility and identify areas that require investigation and remediation.

These widgets help you identify:

• The types of third-party AI assets discovered

• The AI assets handling sensitive data

• The external AI vendors available in your environment

• The AI integrations that may require investigation or remediation

Widgets on the AI Assets tab

Traceable displays the following widgets on the AI Assets tab:

Table on the AI Assets tab

While the above widgets provide visualizations to help you understand your third-party security posture, the AI Assets tab displays an inventory table. This table highlights discovered external assets and integrations, along with usage metadata, such as asset name, type, caller service, sensitive data type, and request volumes. You can click a specific AI asset to access detailed insights into its interaction behavior.

You can use this information to understand the following:

• The AI assets that are being actively used.

• The AI assets handling sensitive information.

• The way to detect heavily used or inactive AI integrations.

• The way to prioritize investigation and remediation actions.

Leverage the AI Assets view

Once you understand the Third Party AI Assets view, you can use this information to investigate and validate risks and to optimize external service usage. You can do this in the following manner:

Filter strategically

You can use filters to narrow down the view and focus on the relevant third-party AI assets. For example, you can filter by:

• Asset Type to isolate MCP tools, prompts, and APIs

• Sensitive Data Type to identify sensitive data exposure in the above asset types

• AI Vendor to investigate external vendor usage

You can do this by clicking the Filter () icon in the page’s left top corner and selecting the attribute you wish to refine the data on. This helps you reduce investigation time and improve visibility into security-relevant AI integrations.

Take necessary actions

Once you have filtered the data displayed on the page, you can take the following actions:

• Improve security and reduce risk — Identify AI assets with sensitive data exposure and prioritize their investigation and review.

• Improve posture — Identify inactive AI assets that may be increasing operational complexity or creating dependencies.

• Strengthen governance — Track sensitive data flow across prompts, tools, APIs, and external AI providers to support compliance requirements.