Week 27 · 2 min read
June 29 – July 6, 2026
AWS WAF now supports Amazon Bedrock AgentCore Gateway. You can attach a WAF protection pack at the Gateway layer with IP-based controls, rate-based rules, AWS Managed Rule Groups, known bad input rules, and Bot Control, then apply that policy to every downstream target behind the Gateway. For agentic AI, this is the right control point: protect the tool and agent entry path once instead of bolting controls on every integration.
AWS Security Hub CSPM launched the AI Security Best Practices standard with 31 automated controls. The standard evaluates Amazon Bedrock, Bedrock AgentCore, and SageMaker resources across network isolation, encryption, VPC placement, KMS usage, private container registry requirements, and authorization controls. This provides a native CSPM baseline for fast-changing agent and model environments.
IAM Identity Center enables customer managed applications to programmatically access AWS accounts on behalf of signed-in users. Applications using an external IdP can use a trusted token issuer, discover assigned accounts and roles, and retrieve temporary credentials without a second AWS authentication flow. Account access must be explicitly enabled per application by the management account or delegated administrator.
AWS Network Firewall supports container attribute-based rules for Amazon EKS and Amazon ECS. Policies can reference EKS namespace, cluster name, and labels, or ECS cluster name and container instance attributes, instead of IP rules that drift when pods scale, restart, or move. TLS decryption, FQDN filtering, URL category filtering, and GeoIP filtering become more practical for dynamic container estates and AI workloads.
Amazon GuardDuty Runtime Monitoring added sensitive file modification detections for EC2, EKS, and ECS workloads. The new findings detect persistence, privilege escalation, and defense evasion behavior when critical system files, authentication settings, configuration files, or system logs are modified. GuardDuty monitors open-for-write, rename, symlink, link, and unlink operations directly, helping catch post-compromise activity when attackers avoid obvious command-line patterns.
AWS Artifact added Assurance Assistant for compliance inquiries. It generates citation-backed answers from AWS compliance documentation and supports single-question responses or bulk XLSX questionnaire processing for CAIQ, SIG, and custom DDQs. The value is that AWS is turning the evidence library into a controlled workflow with source citations, export options, and IAM managed policies for inquiry access.
Amazon EC2 Dedicated Hosts support AMD SEV-SNP. Customers can allocate a Dedicated Host with SEV-SNP enabled and launch confidential computing instances on physical servers dedicated to their use, while retaining placement control and host affinity over time. For regulated workloads, this combines hardware-backed memory protection with a stronger tenancy and placement model.