With the success of ChatGPT, generative AI (Artificial Intelligence Generated Content, also called AIGC) and large models will also become popular around the world in 2023 and become household words.
So when the capabilities of AI and large models are applied to the security field, what kind of changes will it bring?
At the re:Inforce 2023 Global Conference not long ago, Amazon Cloud Technology gave a demonstration for the industry.
Security is a top priority for Amazon's cloud tech
As an annual industry feast in the global security field, Amazon Cloud Technology re:Inforce 2023 Global Conference kicked off on June 13, 2023 in Anaheim, California, USA. CJ Moses, Chief Security Officer of Amazon Cloud Technology, delivered a speech at the conference keynote speech.
"Security is always the top priority of Amazon cloud technology." CJ Moses said, "Security is the combination of people, culture and technology, and understanding human psychology is very necessary. 'Good enough' is far from us and our customers. Not enough."
When introducing the famous "security responsibility sharing model" of Amazon Cloud Technology, CJ Moses said that through this sharing model, Amazon Cloud Technology is responsible for the security of the cloud itself, and customers are responsible for the security of their own business in the cloud. Multi-level security protection services help customers improve security protection in the cloud.
Talking about the security innovation journey of Amazon cloud technology, CJ Moses pointed out that Amazon cloud technology ensures security from the bottom chip. Amazon Nitro integrates virtualization and security features into purpose-built hardware and software for near-bare-metal performance and enhanced security. Nitro is designed from the ground up to meet the needs of customers' most sensitive workloads and provide protection for customers.
New security service powered by AI technology
At the re:Inforce 2023 Global Conference, Amazon Cloud Technology launched more than a dozen new security services and functions, including the official availability of Amazon Verified Permissions, expanding the scope of Amazon Detective discovery groups, Amazon Inspector fully supporting code scanning of Lambda functions, and launching Amazon CodeGuru Security preview, Amazon Built-In Partner Solutions preview, and more.
Among them, the preview version of Amazon CodeGuru Security powered by AI has attracted the attention of engineering and security teams. As a static application security testing (SAST) tool, CodeGuru Security can use machine learning technology to help users identify code vulnerabilities and provide guidance for repairing vulnerabilities. It can also provide contextual code patches for certain types of vulnerabilities to help users reduce repairs. Effort required for code vulnerabilities. Thanks to the powerful empowerment of AI and machine learning technology, CodeGuru Security provides richer functions, lower false alarm rate, and higher efficiency, and naturally won high favor from users.
In addition, Amazon Cloud Technology's threat detection service Amazon GuardDuty has also added three new features. Among them, EKS Runtime Monitoring improves threat detection for customers' containerized workloads; GuardDuty RDS Protection helps customers protect their data stored in Amazon Aurora; GuardDuty Lambda Protection helps customers detect threats to Serverless applications. These three new capabilities extend the coverage of Amazon GuardDuty protection to container runtime activities, databases and serverless environments, further improving the security protection of customer workloads. It is worth mentioning that the birth of these three new functions also benefited a lot from AI empowerment.
Protecting Against Security Threats with Generative AI and Big Models
At the re:Invent 2022 global conference at the end of last year, Amazon Cloud Technology announced the launch of the Amazon Security Lake security data lake service to help customers and partners gain a more comprehensive understanding of their company's security situation, take action faster, and strengthen their work. Protection of workloads, applications and data. On May 31, 2023, Amazon Cloud Technology announced that Amazon Security Lake, a secure data lake, is officially available. At the re:Inforce 2023 Global Conference, CJ Moses also gave a detailed introduction to the service.
CJ Moses said that in the face of raw security data systems and massive security data from different sources and in different formats, how to accurately "salvage" data and quickly identify security threats has always been a key difficulty in the security field. In the past, the security data analysis tools provided by many analysis companies and suppliers were not satisfactory, and many customers were even trapped in these tools. Amazon Cloud Technology hopes to provide customers with the ability to obtain and analyze all security data in one place, and the purpose-built Amazon Security Lake security data lake service is born for this purpose.
When it comes to generative AI and large models that are currently hot, CJ Moses said that generative AI and large models are very good tools that can be used to help enterprises prevent and respond to security threats. For example, by creating a YARA rule, the large language model can help users fight against malicious Trojans and ransomware. It is foreseeable that in the near future, more security services will be applied to technologies such as generative AI and large models.
