Managing emerging threats in GenAI era with new AWS security services

Bryce Boland, head of security solution architecture for Asia-Pacific and Japan (APJ) at AWS, highlighted that businesses are already on their GenAI journeys, but securing GenAI at scale continues to be a challenge for organisations around the world.

According to a Deloitte report from 2024, 75 per cent of respondents said they plan to increase their security investments because of GenAI programmes.

As shown in the 2025 Thales Data Threat Report, 73 per cent of surveyed businesses are investing in AI-specific tools with either new or existing budgets.

In this context, the key priorities of their APJ customers are resilience, ensuring workloads remain online and raising the bar on security, while keeping costs manageable and protecting GenAI.

Talking to VIR at an online media briefing on July 8, Boland said, “Our customers across the region face active security threats. We are continuously working to ensure that the cloud services we provide are protected against those threats and to make it as easy as possible for our customers to build securely on the AWS cloud.”

“As customers look to drive positive business value from the technology, we’re seeing increased investment in securing their GenAI tools,” Boland added.

“At the core of AWS, we ensure all of our infrastructure is designed and built with resilience and security in mind. We’re proud to say we’ve achieved the least downtime in APJ. For us, developing resilience comes from a defence-in-depth model. This means that, similar to how you’d build multiple rings of protection around a castle, we have multiple layers of protection to safeguard our customers. And we continue to update our security solutions relentlessly,” he shared.

New security announcements

At AWS re:Inforce held in Philadelphia from June 16-18, AWS unveiled a suite of new and updated security capabilities to help customers of all sizes strengthen their digital defences, including new updates to AWS Security Hub, AWS Shield, and Amazon GuardDuty.

AWS re:Inforce in Philadelphia on June 16-18. Photo: AWS

These new tools will allow customers to better protect their digital assets, identify important security issues, defend against cyberattacks, and more.

AWS re:Inforce, the company's annual cloud security conference, brought together security experts, partners, and builders from around the world to collaborate on addressing emerging security challenges in the GenAI era.

AWS Security Hub

It helps customers identify their most critical security issues and respond quickly to reduce risks. It acts as a kind of “security command centre”, connecting the dots between different types of security alerts and vulnerabilities. This helps security teams quickly spot and prioritise active threats to their cloud systems.

By bringing everything together into one place, AWS Security Hub provides a clearer picture of an organisation's security status while eliminating the need to manually gather information from multiple security tools. AWS Security Hub is available in preview to AWS customers starting today.

AWS Shield

AWS Shield is enhancing how it protects websites and online applications by proactively finding network security configuration mistakes and weaknesses. The service now creates a map of customers' security resources, identifying vulnerabilities to common attacks like SQL injections (when hackers try to access data through website forms) and Distributed Denial-of-Service, or DDoS, attacks (when attackers overwhelm websites with fake traffic to make them crash).

AWS Shield provides an easy-to-understand dashboard that highlights issues by severity, along with step-by-step instructions for fixing problems quickly. Customers can even use Amazon Q, the most capable generative AI-powered assistant for work, to get guidance through simple conversations, rather than navigating complex security settings.

Amazon GuardDuty

AWS announced expanded capabilities for Amazon GuardDuty Extended Threat Detection (XTD), which now protects container-based applications running on Amazon Elastic Kubernetes Service (EKS). Amazon GuardDuty now improves the connections across various security signals in customers' systems to detect sophisticated attack patterns that might otherwise go unnoticed. By monitoring EKS audit logs, runtime behaviour, and activity, Amazon GuardDuty can now identify these complex, multi-stage attacks.

These improved detection capabilities allow security teams to spend less time investigating potential issues and more time addressing genuine threats, reducing the impact on business operations.

Scaling GenAI solutions

AWS has also helped address customer security needs by providing the resilient cloud architecture customers demand, keeping costs manageable, and helping its customers implement GenAI securely.

“At AWS, we bake security into all three layers of the GenAI tech stack. We begin at the bottom layer, which shows the physical security hardware used to build and train LLMs and other foundation models. One essential component of this is our Nitro System, which continuously protects, monitors, and verifies the instance hardware, including the instances running our GenAI services,” Boland shared.

Bryce Boland, head of security solution architecture for Asia-Pacific and Japan, AWS. Photo: AWS

In the middle layer, AWS has tools that allow people to build and scale using GenAI models, such as Amazon Bedrock. For example, to safeguard against model abuse, it has developed Amazon Bedrock Guardrails, which can be applied to filter out harmful content.

At the top layer, the company has applications that leverage LLMs and other foundation models. One example is Amazon Q Developer, an incredible generative AI-powered assistant that helps developers build code and deploy applications securely.

Many businesses in the region have applied AWS solutions and services to scaling GenAI solutions and gained success. They include Grab, Plerion, and others. They have been using Amazon Bedrock Guardrails to ensure their security needs are met while keeping costs low.

Specifically, Grab, a superapp, began their responsible AI journey in 2023 and has been using Amazon Bedrock Guardrails to ensure their security needs are met while keeping costs low. As of May this year, it had deployed this across all critical products and services.

Similarly, Plerion, an Australian startup, built Pleri, an AI security assistant, on AWS. They used Amazon Bedrock with different models, including Anthropic Claude and Amazon’s Nova, to automatically and proactively assist security teams. This has reduced the time needed to complete critical security tasks.

Using Amazon Bedrock (with Claude and Amazon Nova), AWS Lambda, and Amazon EventBridge, Plerion can actively search for new issues, then autonomously investigate, without waiting for a user report. For example, Pleri can scan for updates publishing information on new Zero Days, and then raise possible solutions for developers to quickly resolve for immediate remediation, improving security productivity quickly and effectively, and at scale.

Elsewhere, a leading financial services company in Singapore, Singlife adopted a cloud-first strategy to migrate from on-prem and resolve scalability, resilience, and operational costs concerns that were limiting innovation. Completing their migration in 18 months, they deployed more than 150 managed guardrails and security checks to help maintain security controls, and are now actively innovating with AI safely.

Since migrating to the cloud, they have not experienced any operational downtime or security events while achieving cost savings of $5 million annually.

How AWS is powering Vietnam’s financial industry transformation Vietnam’s financial industry is transforming to meet Basel III international banking standards. Eric Yeo, country general manager, Amazon Web Services (AWS) Vietnam, analyses how AWS is powering this transformation.

Vietnam approves national action programme for cloud computing Deputy Prime Minister Nguyen Chi Dung signed a decision on June 11 approving a national action programme for cloud computing development.

AWS launches Innovation Hub to empower cloud and AI innovation in Asia-Pacific Amazon Web Services (AWS) launched AWS Innovation Hub in Asia-Pacific and AI Springboard in Singapore on June 26 to empower cloud and AI innovation.