Preventing Data Leaks in RAG Pipelines with Bedrock
🔹 Securing the RAG Ingestion Pipeline
https://aws.amazon.com/blogs/security/securing-the-rag-ingestion-pipeline-filtering-mechanisms/
🔹 Hardening the RAG Chatbot Architecture
https://aws.amazon.com/blogs/security/hardening-the-rag-chatbot-architecture-powered-by-amazon-bedrock-blueprint-for-secure-design-and-anti-pattern-migration/
🔹 Building Secure and Scalable RAG Applications with Bedrock
https://aws.amazon.com/blogs/machine-learning/building-scalable-secure-and-reliable-rag-applications-using-amazon-bedrock-knowledge-bases/
#Bedrock #security
🔹 Securing the RAG Ingestion Pipeline
https://aws.amazon.com/blogs/security/securing-the-rag-ingestion-pipeline-filtering-mechanisms/
🔹 Hardening the RAG Chatbot Architecture
https://aws.amazon.com/blogs/security/hardening-the-rag-chatbot-architecture-powered-by-amazon-bedrock-blueprint-for-secure-design-and-anti-pattern-migration/
🔹 Building Secure and Scalable RAG Applications with Bedrock
https://aws.amazon.com/blogs/machine-learning/building-scalable-secure-and-reliable-rag-applications-using-amazon-bedrock-knowledge-bases/
#Bedrock #security
Amazon
Securing the RAG ingestion pipeline: Filtering mechanisms | Amazon Web Services
Retrieval-Augmented Generative (RAG) applications enhance the responses retrieved from large language models (LLMs) by integrating external data such as downloaded files, web scrapings, and user-contributed data pools. This integration improves the models’…
👍3
Comparison of different WAFs
◽️ AWS WAF
◽️ CloudFlare WAF
◽️ Google Cloud Armor
◽️ F5
◽️ Fortinet FortiWeb
◽️ Imperva Cloud WAF
◽️ Microsoft Azure WAF
◽️ NGINX ModSecurity
◽️ open-appsec
https://www.openappsec.io/post/best-waf-solutions-in-2024-2025-real-world-comparison
To make it easier to understand, I have added clearer captions to the graph.
#security
◽️ AWS WAF
◽️ CloudFlare WAF
◽️ Google Cloud Armor
◽️ F5
◽️ Fortinet FortiWeb
◽️ Imperva Cloud WAF
◽️ Microsoft Azure WAF
◽️ NGINX ModSecurity
◽️ open-appsec
https://www.openappsec.io/post/best-waf-solutions-in-2024-2025-real-world-comparison
To make it easier to understand, I have added clearer captions to the graph.
#security
👍10
AWS Trust Center — single source of truth for security and compliance.
https://aws.amazon.com/trust-center/
Like Amazon Builders' Library but for security.
#security
https://aws.amazon.com/trust-center/
Like Amazon Builders' Library but for security.
#security
🔥5👍3
AWS Notes
Лидер в области безопасности Wiz отклонил предложение продаться Google и идёт на IPO. https://www.theverge.com/2024/7/23/24204198/google-wiz-acquisition-called-off-23-billion-cloud-cybersecurity Очень хорошо, таким гигантам для столь чувствительной ниши…
Google + Wiz
Что не было куплено год назад за 23 миллиарда $, теперь куплено за 32.
https://cloud.google.com/blog/products/identity-security/google-announces-agreement-acquire-wiz
Что ж. Се ля курити.
#security
Что не было куплено год назад за 23 миллиарда $, теперь куплено за 32.
https://cloud.google.com/blog/products/identity-security/google-announces-agreement-acquire-wiz
Что ж. Се ля курити.
#security
Google Cloud Blog
Google announces agreement to acquire Wiz | Google Cloud Blog
Google announces agreement to acquire Wiz. Learn how this acquisition will provide a unified security platform and protect against new threats.
🤩4👌2
IngressNightmare — сразу несколько уязвимостей NGINX Controller for Kubernetes доступом к секретам всего и везде без авторизации:
https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities
◽️ Кто пострадал — обладатели NGINX Controller версий до 1.12.1/1.11.5. Для устранения нужно срочно обновиться на последнюю версию.
◽️ Кто не пострадал — пользователи EKS:
EKS does not provide or install the ingress-nginx controller and is not affected by these issues.
Официальный отчёт о уязвимости Kubernetes:
https://kubernetes.io/blog/2025/03/24/ingress-nginx-cve-2025-1974/
#Kubernetes #security
https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities
◽️ Кто пострадал — обладатели NGINX Controller версий до 1.12.1/1.11.5. Для устранения нужно срочно обновиться на последнюю версию.
◽️ Кто не пострадал — пользователи EKS:
EKS does not provide or install the ingress-nginx controller and is not affected by these issues.
Официальный отчёт о уязвимости Kubernetes:
https://kubernetes.io/blog/2025/03/24/ingress-nginx-cve-2025-1974/
#Kubernetes #security
wiz.io
CVE-2025-1974: The IngressNightmare in Kubernetes | Wiz Blog
Wiz Research uncovered RCE vulnerabilities (CVE-2025-1097, 1098, 24514, 1974) in Ingress NGINX for Kubernetes allowing cluster-wide secret access.
😁5👍2
Multi-party approval — когда нужно реализовать подтверждение на операцию в AWS от нескольких человек:
https://docs.aws.amazon.com/mpa/latest/userguide/
#security #organizations
https://docs.aws.amazon.com/mpa/latest/userguide/
#security #organizations
👍17❤4