This put up was co-written with Nick Frichette and Vijay George from Datadog.
As organizations more and more undertake Amazon Bedrock for generative AI purposes, defending in opposition to misconfigurations that might result in information leaks or unauthorized mannequin entry turns into crucial. The AWS Generative AI Adoption Index, which surveyed 3,739 senior IT decision-makers throughout 9 nations, revealed that 45% of organizations chosen generative AI instruments as their high finances precedence in 2025. As extra AWS and Datadog clients speed up their adoption of AI, constructing AI safety into current processes will change into important, particularly as extra stringent rules emerge. However taking a look at AI dangers in a silo isn’t sufficient; AI dangers should be contextualized alongside different dangers corresponding to id exposures and misconfigurations. The mixture of Amazon Bedrock and Datadog’s complete safety monitoring helps organizations innovate quicker whereas sustaining strong safety controls.
Amazon Bedrock delivers enterprise-grade safety by incorporating built-in protections throughout information privateness, entry controls, community safety, compliance, and accountable AI safeguards. Buyer information is encrypted each in transit utilizing TLS 1.2 or above and at relaxation with AWS Key Management Service (AWS KMS), and organizations have full management over encryption keys. Knowledge privateness is central: your enter, prompts, and outputs should not shared with mannequin suppliers nor used to coach or enhance basis fashions (FMs). Effective-tuning and customizations happen on non-public copies of fashions, offering information confidentiality. Entry is tightly ruled by AWS Identity and Access Management (IAM) and resource-based insurance policies, supporting granular authorization for customers and roles. Amazon Bedrock integrates with AWS PrivateLink and helps digital non-public cloud (VPC) endpoints for personal, inside communication, so site visitors doesn’t depart the Amazon community. The service complies with key trade requirements corresponding to ISO, SOC, CSA STAR, HIPAA eligibility, GDPR, and FedRAMP Excessive, making it appropriate for regulated industries. Moreover, Amazon Bedrock consists of configurable guardrails to filter delicate or dangerous content material and promote accountable AI use. Safety is structured beneath the AWS Shared Duty Mannequin, the place AWS manages infrastructure safety and clients are accountable for safe configurations and entry controls inside their Amazon Bedrock surroundings.
Constructing on these strong AWS security measures, Datadog and AWS have partnered to offer a holistic view of AI infrastructure dangers, vulnerabilities, delicate information publicity, and different misconfigurations. Datadog Cloud Security employs each agentless and agent-based scanning to assist organizations establish, prioritize, and remediate dangers throughout cloud assets. This integration helps AWS customers prioritize dangers based mostly on enterprise criticality, with safety findings enriched by observability information, thereby enhancing their general safety posture in AI implementations.
We’re excited to announce new safety capabilities in Datadog Cloud Safety that may make it easier to detect and remediate Amazon Bedrock misconfigurations earlier than they change into safety incidents. This integration helps organizations embed strong safety controls and safe their use of the highly effective capabilities of Amazon Bedrock by providing three crucial benefits: holistic AI safety by integrating AI safety into your broader cloud safety technique, real-time threat detection by figuring out potential AI-related safety points as they emerge, and simplified compliance to assist meet evolving AI rules with pre-built detections.
AWS and Datadog: Empowering clients to undertake AI securely
The partnership between AWS and Datadog is concentrated on serving to clients function their cloud infrastructure securely and effectively. As organizations quickly undertake AI applied sciences, extending this partnership to incorporate Amazon Bedrock is a pure evolution. Amazon Bedrock is a completely managed service that makes high-performing FMs from main AI corporations and Amazon accessible by a unified API, making it a super start line for Datadog’s AI safety capabilities.
The choice to prioritize Amazon Bedrock integration is pushed by a number of elements, together with sturdy buyer demand, complete safety wants, and the present integration basis. With over 900 integrations and a partner-built Market, Datadog’s long-standing partnership with AWS and deep integration capabilities have helped Datadog shortly develop complete safety monitoring for Amazon Bedrock whereas utilizing their current cloud safety experience.
All through This fall 2024, Datadog Security Research noticed growing menace actor curiosity in cloud AI environments, making this integration significantly well timed. By combining the highly effective AI capabilities of AWS with Datadog’s safety experience, you’ll be able to safely speed up your AI adoption whereas sustaining strong safety controls.
How Datadog Cloud Safety helps safe Amazon Bedrock assets
After including the AWS integration to your Datadog account and enabling Datadog Cloud Safety, Datadog Cloud Safety repeatedly displays your AWS surroundings, figuring out misconfigurations, id dangers, vulnerabilities, and compliance violations. These detections use the Datadog Severity Scoring system to prioritize them based mostly on infrastructure context. The scoring considers quite a lot of variables, together with if the useful resource is in manufacturing, is publicly accessible, or has entry to delicate information. This multi-layer evaluation will help you cut back noise and focus your consideration to essentially the most crucial misconfigurations by contemplating runtime conduct.
Partnering with AWS, Datadog is happy to supply detections for Datadog Cloud Safety clients, corresponding to:
- Amazon Bedrock customized fashions shouldn’t output mannequin information to publicly accessible S3 buckets
- Amazon Bedrock customized fashions shouldn’t practice from publicly writable S3 buckets
- Amazon Bedrock guardrails ought to have a immediate assault filter enabled and block immediate assaults at excessive sensitivity
- Amazon Bedrock agent guardrails ought to have the delicate info filter enabled and block extremely delicate PII entities
Detect AI misconfigurations with Datadog Cloud Safety
To know how these detections will help safe your Amazon Bedrock infrastructure, let’s take a look at a particular use case, wherein Amazon Bedrock customized fashions shouldn’t practice from publicly writable Amazon Simple Storage Service (Amazon S3) buckets.
With Amazon Bedrock, you’ll be able to customise AI fashions by fine-tuning on domain specific data. To do that, that information is saved in an S3 bucket. Risk actors are continually evaluating the configuration of S3 buckets, searching for the potential to entry delicate information and even the power to write down to S3 buckets.
If a menace actor finds an S3 bucket that was misconfigured to allow public write entry, and that very same bucket contained information that was used to coach an AI mannequin, a foul actor may poison that dataset and introduce malicious conduct or output to the mannequin. This is named a data poisoning attack.
Usually, detecting a lot of these misconfigurations requires a number of steps: one to establish the S3 bucket misconfigured with write entry, and one to establish that the bucket is being utilized by Amazon Bedrock. With Datadog Cloud Safety, this detection is one in all a whole bunch which can be activated out of the box.
Within the Datadog Cloud Safety system, you’ll be able to view this difficulty alongside surrounding infrastructure utilizing Cloud Map. This gives reside diagrams of your cloud structure, as proven within the following screenshot. AI dangers are then contextualized alongside delicate information publicity, id dangers, vulnerabilities, and different misconfigurations to provide you a 360-view of dangers.
For instance, you would possibly see that your utility is utilizing Anthropic’s Claude 3.7 on Amazon Bedrock and accessing coaching or immediate information saved in an S3 bucket that additionally has public write entry. This might inadvertently influence mannequin integrity by introducing unapproved information to the big language mannequin (LLM), so you’ll want to replace this configuration. Although primary, step one for many safety initiatives is figuring out the difficulty. With agentless scanning, Datadog scans your AWS surroundings at intervals between quarter-hour and a couple of hours, so customers can establish misconfigurations as they’re launched to their surroundings. The subsequent step is to remediate this threat. Datadog Cloud Safety provides robotically generated remediation steerage, particularly for every threat (see the next screenshot). You’re going to get a step-by-step clarification of how one can repair every discovering. On this state of affairs, we will remediate this difficulty by modifying the S3 bucket’s coverage, serving to forestall public write entry. You are able to do this immediately in AWS, create a JIRA ticket, or use the built-in workflow automation instruments. From right here, you’ll be able to apply remediation steps immediately inside Datadog and make sure that the misconfiguration has been resolved.
Resolving this difficulty will positively influence your compliance posture, as illustrated by the posture rating in Datadog Cloud Safety, serving to groups meet inside benchmarks and regulatory requirements. Groups can even create customized frameworks or iterate on current ones for tailor-made compliance controls.
As generative AI is embraced throughout industries, the regulatory surroundings will evolve. Datadog will proceed partnering with AWS to develop their detection library and help safe AI adoption and compliance.
How Datadog Cloud Safety detects misconfigurations in your cloud surroundings
You may deploy Datadog Cloud Safety both with the Datadog agent, agentlessly, or each to maximise safety protection in your cloud surroundings. Datadog clients can begin monitoring their AWS accounts for misconfigurations by first including the AWS integration to Datadog. This allows Datadog to crawl cloud assets in buyer AWS accounts.
Because the Datadog system finds assets, it runs by a catalog of a whole bunch of out-of-the-box detection guidelines in opposition to these assets, searching for misconfigurations and menace paths that adversaries can exploit.
Safe your AI infrastructure with Datadog
Misconfigurations in AI programs will be dangerous, however with the fitting instruments, you’ll be able to have the visibility and context wanted to handle them. With Datadog Cloud Safety, groups acquire visibility into these dangers, detect threats early, and remediate points with confidence. As well as, Datadog has additionally launched quite a few agentic AI security measures, designed to assist groups acquire visibility into the well being and safety of crucial AI workload, which incorporates new bulletins made to Datadog’s LLM observability features.
Lastly, Datadog introduced Bits AI Security Analyst alongside different Bits AI brokers at DASH. Included as a part of Cloud SIEM, Bits is an agentic AI safety analyst that automates triage for AWS CloudTrail alerts. Bits investigates every alert like a seasoned analyst: pulling in related context from throughout your Datadog surroundings, annotating key findings, and providing a transparent suggestion on whether or not the sign is probably going benign or malicious. By accelerating triage and surfacing actual threats quicker, Bits helps cut back imply time to remediation (MTTR) and frees analysts to deal with necessary menace looking and response initiatives. This helps throughout totally different threats, together with AI-related threats.
To study extra about how Datadog helps safe your AI infrastructure, see Monitor Amazon Bedrock with Datadog or take a look at our security documentation. Should you’re not already utilizing Datadog, you will get began with Datadog Cloud Safety with a 14-day free trial.
Concerning the Authors
Nina Chen is a Buyer Options Supervisor at AWS specializing in main software program corporations to make use of the facility of the AWS Cloud to speed up their product innovation and development. With over 4 years of expertise working within the strategic unbiased software program vendor (ISV) vertical, Nina enjoys guiding ISV companions by their cloud transformation journeys, serving to them optimize their cloud infrastructure, driving product innovation, and delivering distinctive buyer experiences.
Sujatha Kuppuraju is a Principal Options Architect at AWS, specializing in cloud and generative AI safety. She collaborates with software program corporations’ management groups to architect safe, scalable options on AWS and information strategic product growth. Utilizing her experience in cloud structure and rising applied sciences, Sujatha helps organizations optimize choices, keep strong safety, and convey modern merchandise to market in an evolving tech panorama.
Nick Frichette is a Employees Safety Researcher for Cloud Safety Analysis at Datadog.
Vijay George is a Product Supervisor for AI Safety at Datadog.
