AI Ecosystem Intelligence by Entelijan Research
Umai continuously scans the public internet for exposed AI infrastructure, services, and artifacts. We index unauthenticated LLM endpoints, exposed model registries, leaking vector databases, and misconfigured ML pipelines - giving defenders visibility into the AI attack surface before adversaries exploit it.
Web App: umai.entelijan.com
Umai is a purpose-built reconnaissance and intelligence platform for the AI/ML ecosystem. While general-purpose internet scanners catalog HTTP services broadly, Umai applies deep domain knowledge - 140+ fingerprints tuned specifically for AI frameworks, model serving platforms, vector databases, training infrastructure, and agent toolchains.
Our index currently tracks 120,000+ confirmed exposed AI services across the public IPv4 space, with continuous discovery adding thousands of new records weekly.
| Category | Examples |
|---|---|
| LLM Inference Engines | Ollama, vLLM, TGI, llama.cpp, LocalAI |
| Model Registries & Hubs | HuggingFace Hub, MLflow, Weights & Biases |
| Vector Databases | Qdrant, Milvus, Weaviate, ChromaDB, Pinecone self-hosted |
| AI Orchestration | Ray, Kubeflow, Airflow ML pipelines |
| Agent Frameworks | LangChain Serve, AutoGPT, CrewAI |
| Training Platforms | Jupyter with GPU, NVIDIA RAPIDS, DeepSpeed |
| Computer Vision | ComfyUI, Stable Diffusion WebUI, YOLO endpoints |
| Conversational AI | Gradio apps, Streamlit, Chainlit, Open WebUI |
Umai operates a continuous discovery and classification pipeline across the public internet:
- Discover - Multiple signal sources identify potential AI endpoints in real-time
- Probe - Targeted inspection confirms whether a service is genuinely AI-related using 140+ purpose-built detection signatures
- Classify - Multi-stage confidence scoring ensures only verified exposures reach the public index
- Monitor - Published records are continuously re-verified for freshness and accuracy
For full technical details, see our Methodology documentation.
- FAQ - Common questions about Umai, our scanning practices, and data policies
- Methodology - Technical documentation on our scanning and classification pipeline
- Research - Published research on the state of exposed AI infrastructure
- Guides - Practical security guides for common AI deployments
- Advisories - Security advisories for critical exposure patterns
- Whitepapers - In-depth analysis papers
We welcome contributions from the security research community:
- Fingerprint submissions: Know an AI service we're not detecting? Open an issue with detection criteria (ports, HTTP response patterns, headers).
- False positive reports: If you believe a record in our index is incorrectly classified, open an issue with the IP/port and evidence.
- Research collaboration: We provide data access to qualified researchers studying AI infrastructure security. Contact research@entelijan.com.
- Guide contributions: Security guides for AI frameworks are welcome via pull request.
If you discover a critical exposure through Umai's data - for example, a government LLM endpoint leaking classified context, or a healthcare AI system exposing patient data - please follow responsible disclosure:
- Do not access, exfiltrate, or modify any data beyond what is necessary to confirm the exposure.
- Report to the asset owner first using standard coordinated disclosure timelines (90 days).
- Notify us at disclosure@entelijan.com so we can flag the record appropriately.
For takedown requests or opt-out from our index, see the FAQ.
Organizations can request removal of their assets from Umai's public index:
- Email optout@entelijan.com with the IP addresses or CIDR ranges
- We process removal requests within 48 hours
- Removed ranges are added to our permanent exclusion list
Content in this repository is licensed under CC BY 4.0. You may share and adapt the material with attribution.
Umai is a product of Entelijan Research. For enterprise inquiries, contact sales@entelijan.com.