"The confidence scoring provides two separate 1-to-5 ratings for each AI application: the Application Confidence Score, which measures general SaaS maturity, and the Gen-AI Confidence Score, focused on generative AI-specific risks. Ayush Kumar, senior product manager at Cloudflare, and Sharon Goldberg, product director at Cloudflare and formerly founder at BastionZero, argue why the scoring system could support security teams in defining access policies for AI at scale and write:"
"Scores are not based on vibes or black-box "learning algorithms" or "artificial intelligence engines". We avoid subjective judgments or large-scale red-teaming as those can be tough to execute reliably and consistently over time. Instead, scores will be computed against an objective rubric that we describe in detail in this blog. Our rubric will be publicly maintained and kept up to date in the Cloudflare developer docs."
Cloudflare announced Application Confidence Scores to automate evaluation of third-party AI applications for safety and security at scale. Two separate 1-to-5 ratings are provided: the Application Confidence Score assesses general SaaS maturity and the Gen‑AI Confidence Score evaluates generative-AI-specific risks. Scoring criteria include regulatory compliance (SOC 2, GDPR, ISO 27001), data management practices, security controls, and financial stability to gauge long-term vendor viability. Gen‑AI-specific criteria cover deployment security models, availability of model cards, and training on user prompts. Scores are computed against an objective, publicly maintained rubric in Cloudflare developer docs to help security teams define AI access policies.
Read at InfoQ
Unable to calculate read time
Collection
[
|
...
]