Techniques
Sample rules
AWS Bedrock Guardrails Detected Multiple Violations by a Single User Over a Session
- source: elastic
- techniques:
Description
Identifies multiple violations of AWS Bedrock guardrails by the same user in the same account over a session. Multiple violations imply that a user may be intentionally attempting to circumvent security controls, access sensitive information, or possibly exploit a vulnerability in the system.
Detection logic
from logs-aws_bedrock.invocation-*
| where gen_ai.compliance.violation_detected
| keep user.id, gen_ai.request.model.id, cloud.account.id
| stats violations = count(*) by user.id, gen_ai.request.model.id, cloud.account.id
| where violations > 1
| sort violations desc
AWS Bedrock Detected Multiple Attempts to use Denied Models by a Single User
- source: elastic
- techniques:
Description
Identifies multiple successive failed attempts to use denied model resources within AWS Bedrock. This could indicate attempts to bypass limitations of other approved models, or to force an impact on the environment by incurring exorbitant costs.
Detection logic
from logs-aws_bedrock.invocation-*
| where gen_ai.response.error_code == "AccessDeniedException"
| keep user.id, gen_ai.request.model.id, cloud.account.id, gen_ai.response.error_code
| stats total_denials = count(*) by user.id, gen_ai.request.model.id, cloud.account.id
| where total_denials > 3
| sort total_denials desc
AWS Bedrock Guardrails Detected Multiple Policy Violations Within a Single Blocked Request
- source: elastic
- techniques:
Description
Identifies multiple violations of AWS Bedrock guardrails within a single request, resulting in a block action, increasing the likelihood of malicious intent. Multiple violations imply that a user may be intentionally attempting to circumvent security controls, access sensitive information, or possibly exploit a vulnerability in the system.
Detection logic
from logs-aws_bedrock.invocation-*
| where gen_ai.policy.action == "BLOCKED"
| eval policy_violations = mv_count(gen_ai.policy.name)
| where policy_violations > 1
| keep gen_ai.policy.action, policy_violations, user.id, gen_ai.request.model.id, cloud.account.id
| stats total_unique_request_violations = count(*) by policy_violations, user.id, gen_ai.request.model.id, cloud.account.id
| sort total_unique_request_violations desc
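The three ES|QL rules above, re-implemented in plain Python over a handful of constructed invocation records so the grouping and thresholds can be checked outside Elastic. This is an added example, not Elastic's own code: the field names are taken from the queries, while the helper names, sample users, model ids and account id are made up.

```python
from collections import Counter

# Constructed sample documents shaped like logs-aws_bedrock.invocation-* records.
# Field names come from the ES|QL rules above; all values are made up for this example.
def _event(user, model="anthropic.claude-v2", **fields):
    return {"user.id": user, "gen_ai.request.model.id": model,
            "cloud.account.id": "111111111111", **fields}

VIOLATION = {"gen_ai.compliance.violation_detected": True, "gen_ai.policy.action": "BLOCKED"}
DENIED = {"gen_ai.response.error_code": "AccessDeniedException"}
EVENTS = [
    # alice: two guardrail violations in one session; the first request tripped two policies
    _event("alice", **VIOLATION, **{"gen_ai.policy.name": ["topic_policy", "content_policy"]}),
    _event("alice", **VIOLATION, **{"gen_ai.policy.name": "word_policy"}),
    # bob: four denied calls to a model he is not allowed to use
    *[_event("bob", model="meta.llama3-70b-instruct-v1:0", **DENIED) for _ in range(4)],
    # carol: one clean invocation that should appear in no result
    _event("carol", **{"gen_ai.compliance.violation_detected": False}),
]

def _key(e):
    """Grouping fields shared by all three stats clauses."""
    return (e["user.id"], e["gen_ai.request.model.id"], e["cloud.account.id"])

def _mv_count(value):
    """ES|QL mv_count(): values in a multivalued field, 1 for a scalar, 0 for null."""
    return 0 if value is None else len(value) if isinstance(value, list) else 1

def multiple_guardrail_violations(events, threshold=1):
    """Rule 1: violating invocations per (user, model, account), kept when count > threshold."""
    counts = Counter(_key(e) for e in events if e.get("gen_ai.compliance.violation_detected"))
    return {k: v for k, v in counts.items() if v > threshold}

def repeated_denied_model_use(events, threshold=3):
    """Rule 2: AccessDeniedException responses per (user, model, account), kept when > threshold."""
    counts = Counter(_key(e) for e in events
                     if e.get("gen_ai.response.error_code") == "AccessDeniedException")
    return {k: v for k, v in counts.items() if v > threshold}

def multi_policy_blocked_requests(events, threshold=1):
    """Rule 3: BLOCKED requests with mv_count(gen_ai.policy.name) > threshold, grouped like the stats clause."""
    counts = Counter()
    for e in events:
        n = _mv_count(e.get("gen_ai.policy.name"))
        if e.get("gen_ai.policy.action") == "BLOCKED" and n > threshold:
            counts[(n,) + _key(e)] += 1
    return dict(counts)

if __name__ == "__main__":
    for rule in (multiple_guardrail_violations, repeated_denied_model_use, multi_policy_blocked_requests):
        print(rule.__name__, rule(EVENTS))
```

Note that the second alice request, which tripped only one policy, is counted by rule 1 but excluded by rule 3, and carol's clean invocation appears in no result.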