2.4.1 Ensure 'Settings for DevTools Generative AI Features' Is Set to 'Enabled:Allow DevTools Generative AI Features without improving AI models'

Information

DevTools AI features is an AI-based assistant that provides additional debugging information. It requires the sending of error messages, stack traces, code snippets, network requests, and/or any other data collected for debugging purposes to Google to train the generative AI model. That data could include prompts, inputs, outputs, source materials, and written feedback, depending on the feature, and may also be reviewed by humans to improve AI models.

Note: Response body or authentication and cookie headers in network requests are not included in the data sent to the server.

Note: For compliance, adherence to security recommendations is achieved by either implementing the recommended setting or disabling the feature(s) based on organizational needs.

Not allowing the DevTools AI features feature to improve the AI model's content can stop possible leakage of your organization's propriety information of internal webs in the collected data.

Solution

To establish the recommended configuration via Group Policy, set the following UI path to Enabled:Allow DevTools Generative AI Features without improving AI models or Enabled:Do not allow DevTools Generative AI Features :

Computer Configuration\Administrative Templates\Google\Google Chrome\Generative AI\Settings for DevTools Generative AI Features

Impact:

This should have no impact on the user.

See Also

https://workbench.cisecurity.org/benchmarks/16430

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-20(1), 800-53|AC-20(2), 800-53|CM-6, 800-53|CM-7, CSCv7|5.1

Plugin: Windows

Control ID: 7bf797c44a321e6384aaf7bba38c04f0b7ea57c8936937f7db2b37b864355dee