Techniques
Sample rules
AWS Bedrock Guardrails Detected Multiple Policy Violations Within a Single Blocked Request
- source: elastic
- techniques:
Description
Identifies multiple violations of AWS Bedrock guardrails within a single request that resulted in a block action, which increases the likelihood of malicious intent. Multiple violations imply that a user may be intentionally attempting to circumvent security controls, access sensitive information, or possibly exploit a vulnerability in the system.
Detection logic
from logs-aws_bedrock.invocation-*
// Filter for policy-blocked requests
| where gen_ai.policy.action == "BLOCKED"
// count number of policy matches per request (multi-valued)
| eval Esql.ml_policy_violations_mv_count = mv_count(gen_ai.policy.name)
// Filter for requests with more than one policy match
| where Esql.ml_policy_violations_mv_count > 1
// keep relevant fields
| keep
gen_ai.policy.action,
Esql.ml_policy_violations_mv_count,
user.id,
gen_ai.request.model.id,
cloud.account.id
// Aggregate requests with multiple violations
| stats
Esql.ml_policy_violations_total_unique_requests_count = count(*)
by
Esql.ml_policy_violations_mv_count,
user.id,
gen_ai.request.model.id,
cloud.account.id
// sort by number of unique requests
| sort Esql.ml_policy_violations_total_unique_requests_count desc
AWS Bedrock Guardrails Detected Multiple Violations by a Single User Over a Session
- source: elastic
- techniques:
Description
Identifies multiple violations of AWS Bedrock guardrails by the same user in the same account over a session. Multiple violations imply that a user may be intentionally attempting to circumvent security controls, access sensitive information, or possibly exploit a vulnerability in the system.
Detection logic
from logs-aws_bedrock.invocation-*
// Filter for compliance violations detected
| where gen_ai.compliance.violation_detected
// keep relevant ECS + model fields
| keep
user.id,
gen_ai.request.model.id,
cloud.account.id
// count violations by user, model, and account
| stats
Esql.ml_violations_count = count(*)
by
user.id,
gen_ai.request.model.id,
cloud.account.id
// Filter for repeated violations
| where Esql.ml_violations_count > 1
// sort descending by violation volume
| sort Esql.ml_violations_count desc
AWS Bedrock Detected Multiple Attempts to use Denied Models by a Single User
- source: elastic
- techniques:
Description
Identifies multiple successive failed attempts to use denied model resources within AWS Bedrock. This could indicate attempts to bypass limitations of other approved models, or to force an impact on the environment by incurring exorbitant costs.
Detection logic
from logs-aws_bedrock.invocation-*
// Filter for access denied errors from GenAI responses
| where gen_ai.response.error_code == "AccessDeniedException"
// keep ECS and response fields
| keep
user.id,
gen_ai.request.model.id,
cloud.account.id,
gen_ai.response.error_code
// count total denials per user/model/account
| stats
Esql.ml_response_access_denied_count = count(*)
by
user.id,
gen_ai.request.model.id,
cloud.account.id
// Filter for users with repeated denials
| where Esql.ml_response_access_denied_count > 3
// sort by volume of denials
| sort Esql.ml_response_access_denied_count desc
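The three ES|QL rules above, re-expressed in Python so their filter, mv_count and stats/threshold steps can be exercised offline over a constructed sample of invocation records. This is an added example, not code from Elastic's rule set; the field names are the ones the queries reference, while the user ids, model ids, account id and policy names are made up.

```python
from collections import Counter
KEYS = ["user.id", "gen_ai.request.model.id", "cloud.account.id"]  # the three rules' group-by keys

def mv_count(value):
    """Mimic ES|QL mv_count(): size of a multi-valued field, 1 for a scalar, None when absent."""
    return None if value is None else (len(value) if isinstance(value, list) else 1)

def stats_count_by(rows, key_fields, count_name, threshold):
    """Mimic `| stats count(*) by <keys> | where count > threshold | sort count desc`."""
    counts = Counter(tuple(r.get(f) for f in key_fields) for r in rows)
    groups = [dict(zip(key_fields, k), **{count_name: n})
              for k, n in counts.items() if n > threshold]
    return sorted(groups, key=lambda g: g[count_name], reverse=True)

def multi_policy_blocked(events):
    """Rule 1: BLOCKED requests whose gen_ai.policy.name holds more than one policy."""
    rows = []
    for e in events:
        n = mv_count(e.get("gen_ai.policy.name"))
        if e.get("gen_ai.policy.action") == "BLOCKED" and n is not None and n > 1:
            rows.append(dict(e, **{"Esql.ml_policy_violations_mv_count": n}))
    return stats_count_by(rows, ["Esql.ml_policy_violations_mv_count"] + KEYS, "Esql.ml_policy_violations_total_unique_requests_count", 0)

def repeated_violations(events):
    """Rule 2: more than one compliance violation per user, model and account."""
    rows = [e for e in events if e.get("gen_ai.compliance.violation_detected") is True]
    return stats_count_by(rows, KEYS, "Esql.ml_violations_count", 1)

def repeated_denied_models(events):
    """Rule 3: more than three AccessDeniedException responses per user, model and account."""
    rows = [e for e in events if e.get("gen_ai.response.error_code") == "AccessDeniedException"]
    return stats_count_by(rows, KEYS, "Esql.ml_response_access_denied_count", 3)

def event(user, model, action=None, policies=None, violation=False, error=None):
    # Constructed invocation record using only the field names the three queries reference.
    return {"user.id": user, "gen_ai.request.model.id": model, "cloud.account.id": "111122223333",
            "gen_ai.policy.action": action, "gen_ai.policy.name": policies,
            "gen_ai.compliance.violation_detected": violation, "gen_ai.response.error_code": error}

# Constructed sample: one two-policy block, one single-policy block, four denials for carol, one for dave.
SAMPLE_EVENTS = [
    event("alice", "anthropic.claude-v2", "BLOCKED", ["sensitive_information", "topic"], True),
    event("alice", "anthropic.claude-v2", "BLOCKED", ["topic"], True),
    event("bob", "anthropic.claude-v2", "NONE", None, False),
    *[event("carol", "amazon.titan-text", error="AccessDeniedException") for _ in range(4)],
    event("dave", "amazon.titan-text", error="AccessDeniedException"),
]
if __name__ == "__main__":
    for rule in (multi_policy_blocked, repeated_violations, repeated_denied_models):
        print(rule.__name__, rule(SAMPLE_EVENTS))
```

Over the sample, rule 1 fires once for alice's two-policy block (the single-policy block has mv_count 1 and is dropped), rule 2 fires for alice's two violations, and rule 3 fires for carol's four denials but not dave's single one.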