How Portal26 Solves GenAI Security Risks Like DeepSeek

RC Reynolds, February 17, 2025

At this point, everyone is aware of the DeepSeek craze. After becoming the most downloaded app in the world and making headlines for its remarkably low $6 million development cost. Users are eagerly testing its capabilities and many are impressed. But for organizations, this raises serious security concerns.

The biggest issue? All the data sent to DeepSeek goes straight to China, a country known for its advanced cyber capabilities and persistent threats to enterprise security. For CSOs, this isn’t just a hypothetical risk. It’s a real and immediate challenge.

What are the specific threats of viral AI applications like DeepSeek, and how can organizations protect themselves from them? Without a plan and the right tools in place organizations will always be a step behind this fast-changing market and risk employees inadvertently leaking data. That’s where Portal26’s advanced AI governance platform paired with PMsquare’s services can help.

PMsquare’s Services

PMsquare has partnered with Portal26 in response to the growing demand for solutions to data leakage events, DLP misconfigurations, and secure GenAI implementations. Many organizations struggle with not just monitoring GenAI use, but also understanding the risks, analyzing security data, and implementing actionable changes.

PMsquare works alongside clients to analyze GenAI data, assess security posture, and implement improvements across key areas, including:

• Incident Response Planning: Refining IR plans to account for GenAI-driven risks.
• Portal26 Configuration Optimization: Customizing settings and policies to align with security and compliance needs.
• Policy Development & Attestation: Expanding and enforcing internal governance structures.
• Education & Training: Developing strategies to improve employee awareness and responsible GenAI use.
• Security Maturity Growth: Enhancing overall security posture and GenAI governance across the organization.

Below, you’ll find maturity graphs showcasing how PMsquare helps clients progress toward a more secure and structured GenAI adoption, alongside an example GenAI usage assessment slide that demonstrates our approach.

Our IIRS Methodology:

PMsquare follows a proven framework to guide organizations through a structured process that ensures efficient GenAI adoption and security enhancement:

1. Portal26’s Rapid Adoption Management Program (RAMP): A structured onboarding framework for seamless integration.
2. Free Half-Day Ideation Session: Aligns organizational objectives, addresses data challenges, and crafts actionable strategies.
3. Solution Workshops: Defines key security and business opportunities.
4. 5-Day Preparation Period: A structured phase to plan, commit, and execute rapid security and policy development.
5. Sprint Cycles: Hands-on collaboration to build, validate, and refine solutions, monitor AI usage, and establish a roadmap for scaling production securely.
6. Continuous AI Usage Observability: A process that includes observing, testing, releasing, deploying, and operating.
7. Transition Into Continuous Improvement: A stage of continual implementation of adopted processes and policies to promote constant growth

PMsquare doesn’t just assist in initial deployment – we work closely with Portal26 and clients to continuously evolve the tool based on real-world testing and feedback. Our mission is to:

• Ensure a seamless Proof of Concept (POC) and deployment
• Empower security teams with tailored analysis and actionable insights
• Enhance GenAI maturity, risk management, and operational efficiency

Now let’s dive into the Portal26 solution that makes all this possible.

How Portal26 Mitigates GenAI Security Concerns

Portal26

Portal26 is a game-changing AI governance platform that gives organizations clear insight into their company’s GenAI usage. This visibility allows organizations to responsibly adopt Generative AI to enhance productivity, while strengthening security, reducing risk and enabling data informed investment decisions for their GenAI program.

What sets Portal26 apart is its seamless integration with existing security tools like Zscaler, Netskope, iBoss, Palo Alto, and more, they have yet to find a security solution they can’t connect with. Installation is quick and hassle-free, typically taking less than 90 minutes and often as fast as 30 minutes. There are no endpoint agents, browser plugins or proxies to deploy and there is zero impact on user experience and network latency.

With fast deployment and integrations that leverage your existing network security investments, Portal26 empowers organizations to take control of their GenAI usage, minimizing security risks while maximizing their productivity gains.

Key Platform Features

Shadow AI Discovery

It starts with the Portal26 Shadow AI Discovery Engine that analyzes all of your web traffic and identifies those sites which utilize Generative AI models in real time and feeds them back to your secure web gateway or firewall so that your URL Category based policies are as complete and effective as possible. Because new Generative AI sites are constantly coming online and existing sites are adding GenAI capabilities, real world experience has shown that the static URL Categorization lists from the major Secure Web Gateway and Firewall vendors miscategorize as many as half of all the GenAI sites their users are visiting.

For example, Portal26 Shadow AI Discovery customers have been aware of DeepSeek since January 7, 2025, almost three full weeks before any of the major security vendors classified the DeepSeek domain as Generative AI. While many organizations were scrambling on January 27th to figure out what potential risk exposure, they had due to DeepSeek, Portal26 customers were able to immediately quantify how much use had occurred as well as any potentially sensitive data that might have been exposed because of that use. The DeepSeek experience is not unique, one 500 user company has averaged 17 new uncategorized Gen AI sites per week over the eight weeks they’ve been using the Shadow AI Discovery service, which allows its small security team to focus on investigating and remediating GenAI related incidents instead of maintaining a complete list of sites, domains and URL’s which are GenAI related.

GenAI Prompt Analytics

In addition to Shadow AI Discovery, Portal26 provides a comprehensive Prompt Analytics capability that allows organizations to understand not only which GenAI sites their users are interacting with but can also analyze and report on the state of GenAI use including departmental data, user intent and the presence of sensitive data in user prompts. By saving the prompt data in its NIST FIPS-140-2 secure data vault, Portal26 enables complete forensic analysis during insider threat, data leakage investigations, control effectiveness testing and risk assessment after breach/vulnerability announcements from GenAI vendors.

Portal26’s AI driven sensitive data detection engine flags prompts that contain sensitive data such as PII, PHI, company IP and code. Once a sensitive data incident is identified a push notification can be generated to email or can automatically trigger the creation of an incident in ServiceNOW, ITSM, SOAR or SIEM platforms. In combination with ShadowAI Discovery, Portal26 Prompt Analytics gave security leaders the ability to instantly answer the question “Have we put any sensitive data into DeepSeek?” before the Secure Web Gateway and Firewall vendors had even categorized DeepSeek as Generative AI.

Portal26 brings cutting-edge visibility into GenAI activity, while PMsquare provides the expertise to interpret this data and drive meaningful security and operational improvements. Together, we help organizations reduce risk, enhance governance, and maximize Gen AI’s potential safely and efficiently.

Conclusion

The explosion of GenAI tools like DeepSeek is just the beginning. As these models grow larger, more powerful, and widely adopted, organizations must stay ahead of the curve. The risks of data leakage, compliance failures, and security blind spots will only intensify as new AI platforms emerge, making visibility and governance non-negotiable.

Now is the time to act. By implementing a proactive platform like Portal26 for GenAI visibility and governance, companies can protect sensitive data, enforce security policies, and ensure AI is used responsibly. But visibility alone isn’t enough turning insights into action requires strategy, expertise, and hands-on implementation.

That’s where PMsquare fits in. Our partnership with Portal26 goes beyond monitoring and reporting we work directly with security teams and business leaders to translate AI usage data into tangible security improvements, incident response planning, compliance enforcement, and workforce education. Organizations that lack a comprehensive strategy to manage risks from DeepSeek and future GenAI models risk falling behind and exposing themselves to preventable security breaches.

Reach out to PMsquare to learn how Portal26’s shadow AI and AI governance platform can protect your business from AI risks. If you are needing more hands-on support, explore PMsquare’s GenAI Assessment designed to provide business leaders with a holistic approach to developing, implementing, and securing AI workloads.

Be sure to subscribe to our newsletter for more PMsquare updates, articles, and insights delivered directly to your inbox.