
AWS bolsters security tools to help customers manage AI risks
Amazon Web Services has unveiled new and updated security services, including container-level threat detection and a unified command centre, to help organisations build and secure artificial intelligence applications
Amazon Web Services (AWS) has launched a slew of enhanced security capabilities designed to strengthen cyber resilience and secure generative artificial intelligence (GenAI) applications. The services, announced at the recent AWS re:Inforce conference, aim to simplify security management at scale and protect AI-driven innovations from emerging threats.
Bryce Boland, head of security solution architecture for AWS in Asia-Pacific and Japan, said the new features directly address key customer concerns. “Pretty much every company is now entering the phase where they need to leverage AI and drive business value from that technology,” he said. “Our customers are looking to us to help support their growth and to do it safely.”
The key announcements include major updates to AWS’s core security portfolio. A new version of AWS Security Hub, now in preview, acts as a central command centre, giving security teams a single, unified view to prioritise critical security issues across their entire AWS environment.
“I think customers that are taking advantage of the new AWS Security Hub are likely to see the biggest impact on their operations,” said Boland, adding that a unified view makes it easier to spot and respond to critical issues at scale.
Also in preview is AWS Shield Network Security Director, a tool designed to provide network engineers with a familiar topology map of their cloud resources. It automates the discovery of network assets and helps identify misconfigurations or gaps in security controls, simplifying network security management.
For container security, Amazon GuardDuty has expanded its threat detection capabilities to include runtime monitoring for Amazon Elastic Kubernetes Service (EKS). The update allows for threat detection right down to the container level, enabling customers to identify complex attacks, such as those from crypto-mining groups, within their containerised infrastructure.
While the new GuardDuty capability adds a much-needed layer of security for Kubernetes users, customers will be keen to see performance benchmarks to ensure production workloads are not adversely affected. AWS declined to share specific performance overhead metrics, though Boland stated that it “performs similarly to other similar solutions”.
For developers, Amazon Inspector Code Security has been updated to integrate directly with third-party repositories such as GitHub and GitLab. Boland said the service now uses GenAI, trained on AWS’s own security best practices, to provide developers with direct recommendations to improve application security within their DevSecOps workflows.
Boland emphasised that these tools were developed to meet consistent customer demands for resilience, cost-effective security and guidance on building secure GenAI applications. To that end, he said AWS is building security into every layer of its generative AI stack. This begins at the hardware level with the AWS Nitro System, which protects the physical infrastructure used for training models through confidential computing.
In the middle layer, services like Amazon Bedrock feature tools such as Guardrails, which can filter harmful content and ensure outputs adhere to company policies. Boland said Southeast Asia super-app Grab is already using Bedrock Guardrails to meet its security needs across all critical products. At the application layer, tools such as Amazon Q Developer act as an AI-powered assistant to help developers build code and deploy applications securely.
Addressing the threat of cyber criminals using AI, Boland acknowledged its existence but argued that the advantage currently lies with defenders. “Security teams that are taking advantage of AI tools in their processes are getting a significant advantage in terms of the speed of operation, the ability to respond and deploy security changes at scale,” he said.
Ransomware remains the primary security concern for customers in the region, according to Boland. He noted that many leverage the resilience of the AWS cloud to protect themselves, using features like immutable backups that cannot be altered even if an attacker gains administrative access.
Ultimately, Boland noted that the biggest challenge in cyber security is not necessarily technical in nature. “Getting the right security resources is always a challenge,” he said. “AWS tries to meet that challenge by building tools that enable our customers to secure their environments effectively at scale.”