TalksAWS re:Invent 2025 - Cloud Application Security in the AI Era: Lessons from Adobe & Fortinet -HMC208

AWS re:Invent 2025 - Cloud Application Security in the AI Era: Lessons from Adobe & Fortinet -HMC208

Securing Cloud Applications in the AI Era: Lessons from Adobe and Fortinet

The Evolving Security Landscape

  • The security implications of AI have evolved tremendously in the past year
  • AI is fundamentally shifting how security is approached, creating new attack surfaces and challenges
  • Anecdotal security issues are now becoming widespread, requiring a shift from quality control to governance

Key Security Risks and Concerns

  1. Model Poisoning: Attackers can slowly introduce bias or poison models over time to avoid detection
  2. Unauthorized Access: Privilege escalation through poorly secured AI tools and agents
  3. Malicious Prompts: Attackers crafting prompts to exploit or misuse AI systems
  4. Data Leaks: AI agents inadvertently exposing sensitive data they should not have access to
  5. Untrusted Third-Party AI: Risks of using external AI models and services without proper controls

Securing the AI Application Stack

  1. Permissions and Access Control:

    • Treat AI agents as users with least-privilege access
    • Avoid giving agents excessive permissions or access to sensitive data/systems
    • Implement zero-trust principles for agent-to-agent communication

  2. Data Hygiene and Lineage:

    • Implement data maturity models (raw, semi-raw, classified data)
    • Ensure data is properly sanitized, encrypted, and access-controlled
    • Maintain data lineage to enable auditing and reversion of corrupted data

  3. Automated Security Tooling:

    • Use AI-powered anomaly detection for web application and API security
    • Leverage LLM firewalls/proxies to inspect and control prompts, model selection, and data egress
    • Integrate static and dynamic security analysis, with AI providing context to reduce false positives

Shifting to AI-Native Security

  1. AI-Augmented Threat Modeling:

    • Use AI to identify architectural flaws and misconfigurations
    • Combine static analysis with AI-driven context to improve accuracy

  2. Workforce Enablement:

    • Invest in training security and development teams on AI literacy and security awareness
    • Foster a culture where security is a shared responsibility, but security teams own the accountability

  3. Ecosystem Collaboration:

    • Unify security pipelines across cloud platforms and vendors
    • Share telemetry and leverage AI-driven observability across the application ecosystem

Key Takeaways

  • The attack surface has expanded significantly with the introduction of AI, requiring a shift from quality control to governance
  • Implementing robust permissions, data hygiene, and automated security tooling is crucial to mitigate emerging AI-specific risks
  • Embracing an AI-native security approach, upskilling the workforce, and collaborating across the ecosystem are essential for effective cloud application security in the AI era.

Your Digital Journey deserves a great story.

Build one with us.

Talk to us
Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.