Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With the announcement of Anthropic’s Claude 3.7 Sonnet model, we, as developers and cybersecurity practitioners, find ourselves wondering – is the new model any better at generating secure code? We commission the model to generate a classic CRUD application with the following prompt: The model generates several files of code in one artifact, which the user can manually copy and organize according to the file tree suggested by Claude alongside the main artifact.

Please see part Part I for our introduction to leveraging AI in the enterprise and Part II for why the legacy landscape falls short in the age of GenAI.

The transition of AI from experimental to production is not without its challenges. Developers face the challenge of balancing rapid innovation with the need to protect users and meet strict regulatory requirements. To address this, we are introducing Guardrails in AI Gateway, designed to help you deploy AI safely and confidently.

Last November, the Open Web Application Security Project (OWASP) released its Top Ten List for LLMs and Gen AI Applications 2025, making some significant updates from its 2023 iteration. These updates can tell us a great deal about how the LLM threat and vulnerability landscape is evolving - and what organizations need to do to protect themselves.

Artificial Intelligence (AI) is a double-edged sword in cybersecurity, empowering both defenders and attackers. AI-driven security systems are often used to detect threats in real-time, analysing large datasets for anomalies, and automating responses to cyberattacks. However, cybercriminals are also leveraging AI to create advanced malware, automate phishing attacks, and evade traditional defenses.

As AI tools grow more sophisticated and accessible, sadly exploitation of these tools also increases. Recognising this, the Home Office has made the UK the first country in the world to introduce new legislation that targets predators producing AI-generated child sexual abuse material (CSAM). AI-generated content has severe consequences for victims. CSAMs may be used to manipulate or blackmail children, perpetuate harmful narratives, or retraumatise victims whose likenesses have been altered.

Generative AI (GenAI) applications, especially through Retrieval-Augmented Generation (RAG) pipelines, are transforming business interactions with data. These pipelines leverage language models and extensive enterprise knowledge bases for real-time queries of large internal datasets. Robust data privacy and security solutions are essential. Amazon Bedrock’s native security guardrails address this need.

Healthcare organizations managing multiple websites must protect Protected Health Information (PHI) while complying with HIPAA, HHS regulations, state laws, and global privacy requirements. Feroot DataShield AI provides automated monitoring and protection across distributed healthcare web environments.

The cybersecurity industry is facing a new challenge: AI-generated attacks. With the rapid advancement of generative AI, cybercriminals now have access to sophisticated tools that enable them to craft highly targeted attacks with minimal technical expertise. Unlike traditional attack methods that require deep programming knowledge, AI-driven attacks allow even non-technical malicious actors to create malware, exploit scripts, and launch phishing campaigns with ease.