SECURITY is a top priority at Amazon Web Services (AWS), offering unparalleled visibility and insight into ongoing security, identity and compliance issues across the globe. This knowledge forms the backbone of AWS’ continuous investments in cutting-edge threat intelligence, bolstering the resilience of its infrastructure and services.
At the recent AWS Pan-Asean virtual media briefing, Kimberly Dickson, senior worldwide security specialist at AWS, shared insider insights on generative AI and security.
Secure development with AWS
Currently, customers upload terabytes and even petabytes of data into Amazon S3, its object storage service. With this growing volume of data, it is highly important for global customers to be able to detect the potential presence of malware at source without degrading the scale, latency and resiliency of Amazon S3.
“Amazon GuardDuty, our machine learning threat detection service, has a new enhancement that helps customers detect threats within their environment,” Dickson said. “This feature seamlessly scans newly uploaded objects to Amazon S3 as it leverages the built-in third-party malware scanning engines directly within Amazon GuardDuty. The service is widely used by AWS customers today.”
“In the realm of identity and access management, AWS IAM now supports pass keys for second-factor authentication or multi-factor authentication,” Dickson added. “AWS CloudTrail Lake, on the other hand, now supports natural language query generation and includes activity logs for users, for services as well as for machines. Lastly, AWS Audit Manager service helps customers with compliance reporting and provides a best practice framework for customers to gain visibility on whether the generative AI workloads comply with controls around governance, data security, privacy, incident management, as well as business continuity planning.”
Layered security strategy
Dickson further revealed that AWS bakes in three layers of generative AI tech stack. She explained, “When we talk about generative AI, we always start from the bottom up. At the bottom layer, we provide the secure physical hardware for building and training large-linked models as well as foundational models. Its essential component, our Nitro system, continuously monitors, protects and verifies the hardware, including the instances that run our generative AI services.
“In the middle layer, we have tools such as Amazon Bedrock to help and develop generative AI models. For example, to safeguard against model abuse, we developed Amazon Bedrock guardrails, which can be applied to filter out harmful content.
“At the very top layer, we have applications that leverage large-language models and foundational models. For example, Amazon Q for developers, which is an AI coding companion, helps developers write code faster. Yes, generative AI can be built securely on AWS because we also believe in the art of the possible.”
Security benefits from generative AI
At AWS, generative AI is used to help security teams be more proactive and react faster to security issues.
“Generative AI automates routine tasks that thereby enable security teams to do more within the limits of their resources, ” Dickson elaborated. “These simple automation tasks include summarizing threat intelligence and automating patching of their servers, and we see generative AI being able to help our customers automate them.
“Generative AI also helps level up our security professionals. For example, they need to do things such as gain deeper threat-hunting insights or create and run these playbooks. Looking at the big picture, we see generative AI empowering our security teams from automating the mundane and upskilling security professionals while allowing customers to be more proactive or reactive.”
By raising the bar on AI security, these additional new features of AWS services make AWS the most secure cloud for generative AI. So, customers are increasingly choosing AWS to build their generative AI applications because they see AWS’s strong commitment to security. Thus, customers are improving their security outcomes and thereby creating innovative generative AI applications on top of AWS.
Be the first to comment