{"data":{"id":"0065916a-399f-4874-93ad-31a83a1e7e04","title":"The AWS AI Security Framework: Securing AI with the right controls, at the right layers, at the right phases","summary":"The AWS AI Security Framework is a structured approach that helps organizations secure AI systems by applying the right security controls across three layers (infrastructure, identity/data, and AI application), three use cases (question-answering AI, data-connected AI like RAG, and autonomous agents), and three phases (prototype, production, and scale). The framework addresses unique AI security challenges like prompt injection (tricking AI systems by hiding malicious instructions in user input) and non-deterministic outputs by implementing input validation, content filtering, and continuous monitoring from day one of development.","solution":"The framework recommends implementing controls across three phases: Phase 1 (Foundational) involves extending existing controls to AI, establishing identity management and fine-grained access controls, and adding content filtering and guardrails; Phase 2 (Enhanced) adds threat detection, data classification, and AI-specific monitoring for production; Phase 3 (Advanced) automates governance, compliance, and incident response at scale. AWS also offers a no-cost SHIP engagement to baseline security posture and build a prioritized roadmap.","labels":["security","policy"],"sourceUrl":"https://aws.amazon.com/blogs/security/the-aws-ai-security-framework-securing-ai-with-the-right-controls-at-the-right-layers-at-the-right-phases/","publishedAt":"2026-05-15T17:38:16.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":["Amazon"],"affectedVendorsRaw":["AWS"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-15T17:38:16.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability","safety"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}