Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Now that six in ten security leaders view AI as a “game changer” across all security functions and 85% of security professionals report increased AI investment and usage in the past year, it’s clear that AI is no longer a fringe technology in security operations. But the AI conversation has evolved recently as a new buzzword has taken over: agentic AI.

With the announcement of Anthropic’s Claude 3.7 Sonnet model, we, as developers and cybersecurity practitioners, find ourselves wondering – is the new model any better at generating secure code? We commission the model to generate a classic CRUD application with the following prompt: The model generates several files of code in one artifact, which the user can manually copy and organize according to the file tree suggested by Claude alongside the main artifact.

Please see part Part I for our introduction to leveraging AI in the enterprise and Part II for why the legacy landscape falls short in the age of GenAI.

The transition of AI from experimental to production is not without its challenges. Developers face the challenge of balancing rapid innovation with the need to protect users and meet strict regulatory requirements. To address this, we are introducing Guardrails in AI Gateway, designed to help you deploy AI safely and confidently.

Last November, the Open Web Application Security Project (OWASP) released its Top Ten List for LLMs and Gen AI Applications 2025, making some significant updates from its 2023 iteration. These updates can tell us a great deal about how the LLM threat and vulnerability landscape is evolving - and what organizations need to do to protect themselves.

Artificial Intelligence (AI) is a double-edged sword in cybersecurity, empowering both defenders and attackers. AI-driven security systems are often used to detect threats in real-time, analysing large datasets for anomalies, and automating responses to cyberattacks. However, cybercriminals are also leveraging AI to create advanced malware, automate phishing attacks, and evade traditional defenses.

As AI tools grow more sophisticated and accessible, sadly exploitation of these tools also increases. Recognising this, the Home Office has made the UK the first country in the world to introduce new legislation that targets predators producing AI-generated child sexual abuse material (CSAM). AI-generated content has severe consequences for victims. CSAMs may be used to manipulate or blackmail children, perpetuate harmful narratives, or retraumatise victims whose likenesses have been altered.

Generative AI (GenAI) applications, especially through Retrieval-Augmented Generation (RAG) pipelines, are transforming business interactions with data. These pipelines leverage language models and extensive enterprise knowledge bases for real-time queries of large internal datasets. Robust data privacy and security solutions are essential. Amazon Bedrock’s native security guardrails address this need.