Securing AI in the Cloud: AI Workload Security for AWS

By Eric Carter - JUNE 10, 2024


Security for AWS AI services with Sysdig

To bolster the security of AI workloads in the cloud, Sysdig has extended its recently launched AI Workload Security to AWS AI services, including Amazon Bedrock, Amazon SageMaker, and Amazon Q. This enhancement helps AWS AI service users secure AI workloads and keep pace with the speed of AI evolution.

Sysdig’s AI Workload Security for AWS AI services provides the visibility needed to put data security measures in place against the risk of exposing trade secrets, proprietary information, and customer data through unauthorized access to AI workloads. If you are uncertain about the protection and compliance of AI in your organization, read on to learn about the common risks and what you can now do to establish and maintain the security, confidentiality, and integrity of AI for your business.

The Growing Challenge of AI Security

GenAI holds great potential, but the models and the applications built on them are frequently trained on, or given access to, large volumes of sensitive data. Organizations must be prepared for a range of security concerns spanning privacy, cyberattacks, regulatory compliance, and loss of intellectual property.

Threat actors can both use AI to carry out more sophisticated attacks and target AI systems directly, for example by tampering with the data a model uses or manipulating its requests and responses. Growing regulation of AI services adds to the challenge: mandates from around the globe are putting organizations under pressure to ensure proper governance and supervision of GenAI usage.

AI Workload Security for Amazon Bedrock, Amazon SageMaker, and Amazon Q

AWS AI-related services, such as Amazon Bedrock, Amazon SageMaker, and Amazon Q, facilitate the development of GenAI-based applications. AWS gives you integration flexibility, letting you choose among industry-leading foundation models (FMs) while keeping built-in enterprise-level security and privacy controls.

  • Amazon Bedrock: A fully managed service that offers foundation models (FMs) from AI companies such as Anthropic, Cohere, Mistral AI, and Amazon for building generative AI applications.
  • Amazon Q: A GenAI-powered assistant that answers questions, provides summaries, generates content, and completes tasks based on customer data and information.
  • Amazon SageMaker: A fully managed service for building, training, and deploying machine learning (ML) models at scale, with access to foundation models for building AI applications.

Organizations are using these AI tools to build and scale tailored generative AI solutions to meet specific use cases and customer needs.

Bridging the AI Security Gap

Security operations must move faster to confront AI risks. Many organizations lack the expertise needed to secure AI workloads and identify the associated risks. Just as with any cloud service, it’s crucial to prioritize active risks to AI workloads, such as exploitable vulnerabilities in production or attempts to manipulate AI requests and responses. Without comprehensive visibility, organizations may find AI doing more harm than good.

Unified Risk Management and Real-Time Insights

Sysdig understands the importance of speed in security response. We created open source Falco for this purpose. By applying automatic discovery with real-time threat detection, we can increase visibility into applications using AI services. Our goal is to help you manage and control AI usage — both legitimate and malicious. Let’s examine a few of the capabilities now available for AWS users who are building with AWS AI services.

Visibility Into AI Risk

Sysdig’s unified risk findings feature offers a consolidated view of correlated risks and events. For AI users, this streamlines the workflow for prioritizing, investigating, and mitigating AI risks. Our Cloud Attack Graph integrates Risk Prioritization, Attack Path Analysis, and Inventory to provide a comprehensive view of the details surrounding a particular risk. With the full context of a risk in one place, from where it is happening to the corresponding vulnerabilities and any detected active threats, you can take swift action to mitigate security issues surrounding Bedrock, Q, and SageMaker.

AWS AI workload risk

Checking Your AI Inventory

A key concern for many organizations is simply knowing where AI is being deployed and used. Our inventory feature helps you identify the resources in your cloud environment that either have AI packages running or that are related to them, such as the storage buckets and the IAM policies or roles those workloads use. This visibility lets you check aspects of the security posture of your AI deployments, such as public exposure and overly broad permissions.

Sysdig AI inventory
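The kind of posture check such an inventory enables, as an added example that is not Sysdig's inventory code: it walks a snapshot of AI-related resources and flags IAM roles with wildcard Bedrock or SageMaker permissions on every resource, SageMaker notebooks with direct internet access or root access enabled, and S3 buckets holding training data that an ACL exposes to everyone. The record fields follow the shapes returned by the AWS APIs named in the comments (DescribeNotebookInstance, GetPublicAccessBlock, GetBucketAcl); the snapshot itself is constructed, and the account id, role names, bucket names and model ARN are made up.

```python
"""Posture checks over a constructed inventory of AI-related AWS resources.
Added example; not Sysdig's inventory implementation."""

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"   # S3 "everyone" grantee
BROAD_AI_ACTIONS = {"*", "bedrock:*", "sagemaker:*"}


def as_list(value):
    """IAM allows Action/Resource to be a string or a list; normalise to a list."""
    return [value] if isinstance(value, str) else list(value or [])


def check_policy(role_name, policy_doc):
    """Flag Allow statements that grant bedrock:*, sagemaker:* or * on Resource '*'."""
    findings = []
    stmts = policy_doc.get("Statement", [])
    stmts = [stmts] if isinstance(stmts, dict) else stmts   # a single statement may be a dict
    for stmt in stmts:
        if stmt.get("Effect") != "Allow":
            continue
        actions = {a.lower() for a in as_list(stmt.get("Action"))}
        broad = sorted(actions & BROAD_AI_ACTIONS)
        if broad and "*" in as_list(stmt.get("Resource")):
            findings.append(("high", role_name, f"allows {', '.join(broad)} on all resources"))
    return findings


def check_notebook(nb):
    """Uses the DirectInternetAccess / RootAccess fields of DescribeNotebookInstance."""
    findings, name = [], nb["NotebookInstanceName"]
    if nb.get("DirectInternetAccess") == "Enabled":
        findings.append(("high", name, "notebook has direct internet access instead of VPC-only egress"))
    if nb.get("RootAccess") == "Enabled":
        findings.append(("medium", name, "root access enabled for notebook users"))
    return findings


def check_bucket(bucket):
    """Uses the GetPublicAccessBlock and GetBucketAcl shapes: a bucket is public when the
    public access block is not fully enforced and an ACL grants the AllUsers group."""
    name = bucket["Name"]
    pab = bucket.get("PublicAccessBlockConfiguration", {})
    fully_blocked = all(pab.get(k) for k in
                        ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets"))
    public_grant = any(g.get("Grantee", {}).get("URI") == ALL_USERS for g in bucket.get("Grants", []))
    if public_grant and not fully_blocked:
        return [("critical", name, "ACL grants AllUsers and public access block is not enforced")]
    if not fully_blocked:
        return [("low", name, "public access block not fully enabled")]
    return []


def assess(inventory):
    """Run every check over the snapshot and return (severity, resource, message) tuples."""
    findings = []
    for role in inventory["roles"]:
        findings += check_policy(role["RoleName"], role["PolicyDocument"])
    for nb in inventory["notebooks"]:
        findings += check_notebook(nb)
    for bucket in inventory["buckets"]:
        findings += check_bucket(bucket)
    return findings


# Constructed snapshot; account id, names and ARNs are made up for the example.
INVENTORY = {
    "roles": [
        {"RoleName": "chat-app-role", "PolicyDocument": {"Version": "2012-10-17", "Statement": [
            {"Effect": "Allow", "Action": ["bedrock:InvokeModel"],
             "Resource": "arn:aws:bedrock:us-east-1::foundation-model/example-model"}]}},
        {"RoleName": "data-science-admin", "PolicyDocument": {"Version": "2012-10-17", "Statement":
            {"Effect": "Allow", "Action": ["sagemaker:*", "s3:GetObject"], "Resource": "*"}}},
    ],
    "notebooks": [
        {"NotebookInstanceName": "research-nb", "DirectInternetAccess": "Enabled", "RootAccess": "Enabled"},
        {"NotebookInstanceName": "prod-nb", "DirectInternetAccess": "Disabled", "RootAccess": "Disabled"},
    ],
    "buckets": [
        {"Name": "training-data-123456789012",
         "PublicAccessBlockConfiguration": {"BlockPublicAcls": False, "IgnorePublicAcls": False,
                                            "BlockPublicPolicy": False, "RestrictPublicBuckets": False},
         "Grants": [{"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}]},
        {"Name": "model-artifacts-123456789012",
         "PublicAccessBlockConfiguration": {"BlockPublicAcls": True, "IgnorePublicAcls": True,
                                            "BlockPublicPolicy": True, "RestrictPublicBuckets": True},
         "Grants": []},
    ],
}

if __name__ == "__main__":
    for severity, resource, message in assess(INVENTORY):
        print(f"[{severity}] {resource}: {message}")
```

Against this snapshot the checks report the wildcard `sagemaker:*` grant, both notebook settings on `research-nb`, and the publicly readable training bucket; the least-privilege role, the locked-down notebook and the artifact bucket pass. The same structure extends to any further resource type the inventory correlates with an AI workload.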

AI Workload Detection and Response

Sysdig’s runtime policy engine lets you select and apply detection and response rules for your AI workloads. You can apply a range of detections, built on Falco, that observe activity from several available sources, such as syscalls, Kubernetes audit logs, and AWS CloudTrail. This allows you to identify activity that might put your AI workloads at risk, such as reconnaissance that enumerates your AI services before exploiting them, or tampering with the data those services use.

When a rule is triggered, Sysdig records and displays all of the context and detail associated with an event. This helps you assess the issue and take further action as needed. Sysdig ships with dozens of managed policies, which our Threat Research and engineering teams frequently update to help stay on top of known adversarial tactics.

AI CDR rules library
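To make the CloudTrail side of this concrete, here is an added example of detection logic run over sample CloudTrail records; it is not a Sysdig or Falco rule and is not from the original post. It implements two rules: a stateful one that fires when a single identity makes several distinct discovery calls (List*/Get*/Describe*) against Bedrock or SageMaker inside a short window, and a single-event one that fires whenever Bedrock model-invocation logging is changed or deleted, since that blinds later investigation of prompts and responses. The `eventSource` and `eventName` values are real CloudTrail names; the identities, timestamps and the event list itself are constructed for the example, and the threshold and window are arbitrary tuning choices.

```python
"""Two CloudTrail detections for AWS AI services. Added example; not Falco/Sysdig rule code."""
from collections import defaultdict
from datetime import datetime, timedelta

AI_EVENT_SOURCES = {"bedrock.amazonaws.com", "sagemaker.amazonaws.com"}
RECON_PREFIXES = ("List", "Get", "Describe")          # discovery-style API calls
LOGGING_TAMPER_EVENTS = {"PutModelInvocationLoggingConfiguration",
                         "DeleteModelInvocationLoggingConfiguration"}
RECON_THRESHOLD = 5                  # distinct discovery APIs per actor ... (assumed tuning)
RECON_WINDOW = timedelta(minutes=10)  # ... inside this window


def event_time(ev):
    return datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ")


def actor_of(ev):
    return ev.get("userIdentity", {}).get("arn", "unknown")


def detect(events):
    """Return alerts as (rule, actor, detail) tuples for the given CloudTrail records."""
    ai_events = sorted((e for e in events if e.get("eventSource") in AI_EVENT_SOURCES),
                       key=event_time)   # stable sort keeps per-actor order within a second
    alerts = []

    # Rule: any change to Bedrock invocation logging is a single-event match.
    for ev in ai_events:
        if ev["eventName"] in LOGGING_TAMPER_EVENTS:
            alerts.append(("bedrock_invocation_logging_changed", actor_of(ev), ev["eventName"]))

    # Rule: slide a time window over each actor's discovery calls and fire once when the
    # number of *distinct* APIs seen inside the window reaches the threshold.
    recon_by_actor = defaultdict(list)
    for ev in ai_events:
        if ev["eventName"].startswith(RECON_PREFIXES):
            recon_by_actor[actor_of(ev)].append(ev)
    for actor, evs in recon_by_actor.items():
        start = 0
        for end, ev in enumerate(evs):
            while event_time(ev) - event_time(evs[start]) > RECON_WINDOW:
                start += 1          # drop calls that fell out of the window
            names = {e["eventName"] for e in evs[start:end + 1]}
            if len(names) >= RECON_THRESHOLD:
                alerts.append(("ai_service_reconnaissance", actor, sorted(names)))
                break               # one alert per actor is enough for triage
    return alerts


# Constructed sample data: the ARNs, account id and timeline are made up.
ATTACKER = "arn:aws:sts::123456789012:assumed-role/ci-runner/build-42"
APP_ROLE = "arn:aws:sts::123456789012:assumed-role/chat-app/app"


def make_event(minute, source, name, arn):
    """Build a minimal CloudTrail-shaped record (constructed sample data)."""
    return {"eventTime": f"2024-06-10T10:{minute:02d}:00Z", "eventSource": source,
            "eventName": name, "userIdentity": {"arn": arn}}


SAMPLE_EVENTS = [
    # normal traffic: the chat application invoking a model once a minute
    *(make_event(m, "bedrock.amazonaws.com", "InvokeModel", APP_ROLE) for m in range(8)),
    # a CI role suddenly enumerating both services, then deleting invocation logging
    make_event(1, "bedrock.amazonaws.com", "ListFoundationModels", ATTACKER),
    make_event(1, "bedrock.amazonaws.com", "GetFoundationModel", ATTACKER),
    make_event(2, "bedrock.amazonaws.com", "ListCustomModels", ATTACKER),
    make_event(2, "sagemaker.amazonaws.com", "ListModels", ATTACKER),
    make_event(3, "sagemaker.amazonaws.com", "ListNotebookInstances", ATTACKER),
    make_event(3, "sagemaker.amazonaws.com", "DescribeNotebookInstance", ATTACKER),
    make_event(5, "bedrock.amazonaws.com", "DeleteModelInvocationLoggingConfiguration", ATTACKER),
    # a non-AI service call from the same role is ignored by these two rules
    make_event(6, "s3.amazonaws.com", "ListBuckets", ATTACKER),
]

if __name__ == "__main__":
    for rule, actor, detail in detect(SAMPLE_EVENTS):
        print(rule, actor, detail)
```

Run on the sample, the steady `InvokeModel` traffic from the application role produces nothing, while the CI role trips both rules. Counting distinct API names rather than raw call volume is deliberate: a legitimate consumer calls the same one or two APIs thousands of times, whereas enumeration touches many different ones, so the rule stays quiet on busy production roles without a per-role allowlist.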

Preparing for the Future of AI Security

Understanding and managing AI risks is crucial as organizations race to integrate AI into their software. Together with AWS, Sysdig is enabling customers to securely harness the efficiency and speed that AI offers. AWS provides the key building blocks with services like Bedrock, Q, and SageMaker, while real-time AI Workload Security from Sysdig helps organizations capitalize on the benefits of AI with confidence.

AWS and Sysdig are ready to help organizations be better equipped to safeguard AI innovation. Extending Sysdig’s CNAPP solution to AWS AI services provides an additional layer of security to meet the growing demands for AI-related business solutions.

Watch our webinar, How to Safeguard GenAI Workloads in Exposed Environments, to hear more about how Sysdig helps secure your AI workloads.
