Cloud Storage Security Help Docs
Release Notes
  • Introduction
  • Getting Started
    • How to Subscribe
      • Pay-As-You-Go (PAYG)
      • Bring Your Own License/GovCloud (BYOL)
      • AWS Transfer Family
    • How to Deploy
      • Steps to Deploy
      • Advanced Deployment Considerations
      • AWS Transfer Family
    • How to Configure
  • Console Overview
    • Dashboard
    • Malware Scanning
      • AWS
        • Buckets
        • Amazon EBS Volumes
        • Amazon EFS Volumes
        • Amazon FSx Volumes
        • WorkDocs Connections
      • Azure
        • Blob Containers
      • GCP
        • GCP Buckets
    • See What's Infected
      • Findings
      • Malware History
      • Results
    • Schedules
    • Monitoring
      • Error Logs
      • Bucket Settings
      • Deployment
      • Jobs
      • Notifications
      • Storage Assessment
      • Usage
    • Configuration
      • Classification Rule Sets
      • Classification Custom Rules
      • Scan Settings
      • Console Settings
      • AWS Integrations
      • Job Networking
      • API Agent Settings
      • Proactive Notifications
      • License Management
      • Event Agent Settings
    • Access Management
      • Manage Users
      • Manage Accounts
        • Linking an AWS Account
        • Linking an Azure Account
        • Linking a GCP Account
      • Manage Groups
    • Support
      • Getting Started
      • Stay Connected
      • Contact Us
      • Documentation
  • Product Updates
  • How It Works
    • Scanning Overview
      • Event Driven Scanning for New Files
      • Retro Scanning for Pre-Existing Files
      • API Driven Scanning
    • Architecture Overview
    • Deployment Details
    • Sizing Discussion
    • Integrations
      • AWS Security Hub
      • AWS CloudTrail Lake
      • AWS Transfer Family
      • Amazon GuardDuty
      • Amazon Bedrock
    • Demo Videos
    • Scanning APIs
    • SSO Integrations
      • Entra ID SSO Integration
      • Okta SSO Integration
  • Frequently Asked Questions
    • Getting Started
    • Product Functionality
    • Architecture Related
    • Supported File Types
  • Troubleshooting
    • CloudFormation Stack failures
    • Cross-Region Scanning on with private network
    • API Scanning: Could not connect to SSL/TLS (v7)
    • Password not received after deployment
    • Conflicted buckets
    • Modifying scaling info post-deployment
    • Objects show unscannable with access denied
    • Remote account objects not scanning
    • My scanning agents keep starting up and immediately shutting down
    • I cannot access the management console
    • Linked Account Out of Date
    • Rebooting the Management Console
    • Error when upgrading to the latest major version
    • I Cannot Create/Delete an API Agent
  • Release Notes
    • Latest (v8)
    • v7
    • v6 and older
  • Contact Us & Support
  • Data Processing Agreement
  • Privacy Policy
Powered by GitBook
On this page
  • Amazon Bedrock Integration for Custom Classification Rules
  • Amazon Bedrock Integration for Malware Definitions & Remediation
  • Enabling Amazon Bedrock and Supported Regions
  1. How It Works
  2. Integrations

Amazon Bedrock

PreviousAmazon GuardDutyNextDemo Videos

Last updated 5 months ago

We have integrated Amazon Bedrock's AI functionality into our solution for two purposes:

  1. Helping create custom data classification regular expression (RegEx) rules

  2. When Malware is discovered you can “Ask Bedrock” for more information on the finding

Amazon Bedrock Integration for Custom Classification Rules

Effective data classification requires policies and rulesets that are written for particular types of information. Yet, crafting RegEx policies is often challenging because the syntax can be complex and dense. Our integration with Amazon Bedrock simplifies this process by leveraging the power of artificial intelligence. All you need to do is enter a simple text prompt to identify patterns or text and the exact value you need for the rule will be created.

To get started, you’ll need to enable the Amazon Bedrock integration. Then you can navigate to Configuration in the navigation of your AV console and click on Classification Custom Rules. From there, click the “Create Rule” button. In the popup, enter a name and description, then click on “Create expression using Amazon Bedrock” to have the RegEx built for you.

For example, to create a RegEx rule that identifies certain credit card numbers, enter the Prompt “create a regular expression that discovers all American Express credit card numbers”. Then select Send Prompt to generate a RegEx rule that can be used. Each response is accompanied by an explanation of the RegEx. Click “save”.

If you’re a RegEx pro, custom classification rules can be created without the assistance of Bedrock—simply enter the regular expression, add a name plus description, and hit “save” to create the rule.

Amazon Bedrock Integration for Malware Definitions & Remediation

Suspicious or malicious files can be cryptic, requiring additional analysis to understand what the malware does and its level of impact. Yet, using tools like Google search or VirusTotal to get that additional context can slow down an investigation, require data transfers, or increase potential for manual error.

Now, customers can “Ask Bedrock” by utilizing our integration with Amazon Bedrock to analyze found malware and obtain risk mitigation strategies in just a few seconds. No need to worry about data that’s transferred over the public internet or sent to a third party because the Bedrock instance runs in your account. Malware forensics includes, but is not limited to, information about:

  • What strain of malware has been detected

  • If executed, what actions that piece of malware could take

  • What to do to properly remediate the threat

To access this information, Amazon Bedrock must be enabled. To use this feature, navigate to the Findings page in the main menu of the CSS console, click the three dots on the right side of any finding and select “Show Amazon Bedrock Analysis”.

Enabling Amazon Bedrock and Supported Regions

This integration is disabled by default but you can enable it by going to Configuration > AWS Integrations. From there you can click the toggle to turn it on.

The console must be deployed in one of the following regions to have access to Bedrock:

  • US East (N. Virginia)

  • US West (Oregon)

  • Asia Pacific (Tokyo)

  • Europe (Frankfurt)

  • AWS GovCloud (US-West)