AWS Bedrock Guardrails Detected Multiple Violations by a Single User Over a Session
Identifies multiple violations of AWS Bedrock guardrails by the same user in the same account over a session. Multiple violations imply that a user may be intentionally attempting to circumvent security controls, access sensitive information, or possibly exploit a vulnerability in the system.
Elastic rule
[metadata]
creation_date = "2024/05/02"
maturity = "production"
updated_date = "2024/10/09"
min_stack_comments = "ES|QL rule type is still in technical preview as of 8.13, however this rule was tested successfully; integration in tech preview"
min_stack_version = "8.13.0"

[rule]
author = ["Elastic"]
description = """
Identifies multiple violations of AWS Bedrock guardrails by the same user in the same account over a session. Multiple
violations imply that a user may be intentionally attempting to circumvent security controls, access sensitive
information, or possibly exploit a vulnerability in the system.
"""
false_positives = ["Legitimate misunderstanding by users or overly strict policies"]
from = "now-60m"
interval = "10m"
language = "esql"
license = "Elastic License v2"
name = "AWS Bedrock Guardrails Detected Multiple Violations by a Single User Over a Session"
references = [
 "https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-components.html",
 "https://atlas.mitre.org/techniques/AML.T0051",
 "https://atlas.mitre.org/techniques/AML.T0054",
 "https://www.elastic.co/security-labs/elastic-advances-llm-security"
]
risk_score = 47
rule_id = "0cd2f3e6-41da-40e6-b28b-466f688f00a6"
setup = """## Setup

This rule requires that guardrails are configured in AWS Bedrock. For more information, see the AWS Bedrock documentation:

https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-create.html
"""
severity = "medium"
tags = [
 "Domain: LLM",
 "Data Source: AWS Bedrock",
 "Data Source: AWS S3",
 "Resources: Investigation Guide",
 "Use Case: Policy Violation",
 "Mitre Atlas: T0051",
 "Mitre Atlas: T0054",
]
timestamp_override = "event.ingested"
type = "esql"

query = '''
from logs-aws_bedrock.invocation-*
| where gen_ai.compliance.violation_detected
| keep user.id, gen_ai.request.model.id, cloud.account.id
| stats violations = count(*) by user.id, gen_ai.request.model.id, cloud.account.id
| where violations > 1
| sort violations desc
'''
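The ES|QL above is easy to read but awkward to dry-run without a stack. The following Python is an added example (not Elastic's code and not part of the rule) that re-implements the same aggregation over constructed NDJSON events so the rule's behaviour can be checked offline: the `from = "now-60m"` lookback, the `where gen_ai.compliance.violation_detected` filter (rows where the field is false or absent drop out), the `stats ... by user.id, gen_ai.request.model.id, cloud.account.id` grouping, and the `violations > 1` threshold. Field names are the ones the query uses; the user IDs, model IDs, account ID, timestamps and the fixed `NOW` are made up for the example.

```python
"""Offline re-implementation of the rule's ES|QL aggregation (added example,
not the Elastic rule itself) run over constructed aws_bedrock.invocation events."""
import json
from collections import Counter
from datetime import datetime, timedelta, timezone

# Fixed "now" so the 60-minute window is reproducible (assumption for the example).
NOW = datetime(2024, 10, 9, 12, 0, tzinfo=timezone.utc)

GROUP_FIELDS = ("user.id", "gen_ai.request.model.id", "cloud.account.id")


def _event(user, model, account, minutes_ago, violation):
    """Build one constructed invocation event using the rule's field names."""
    ev = {
        "event": {"ingested": (NOW - timedelta(minutes=minutes_ago)).isoformat()},
        "user": {"id": user},
        "cloud": {"account": {"id": account}},
        "gen_ai": {"request": {"model": {"id": model}}},
    }
    if violation is not None:  # None models an event with the field missing
        ev["gen_ai"]["compliance"] = {"violation_detected": violation}
    return ev


# Constructed sample data; every value here is invented for the example.
SAMPLE_LOG = "\n".join(json.dumps(e) for e in [
    _event("alice", "example.model-v1", "111111111111", 5, True),
    _event("alice", "example.model-v1", "111111111111", 20, True),
    _event("alice", "example.model-v1", "111111111111", 45, True),
    _event("alice", "example.model-v1", "111111111111", 75, True),   # outside now-60m
    _event("bob",   "example.model-v1", "111111111111", 10, True),   # only one violation
    _event("carol", "example.model-v1", "111111111111", 12, False),  # guardrail passed
    _event("carol", "example.model-v1", "111111111111", 30, False),
    _event("dave",  "example.model-v1", "111111111111", 8, True),    # two violations, but
    _event("dave",  "example.model-v2", "111111111111", 9, True),    # split across models
    _event("erin",  "example.model-v1", "111111111111", 15, None),   # field absent -> null
])


def get_field(doc, dotted):
    """Resolve a dotted ECS-style path against a nested dict; None if absent."""
    cur = doc
    for part in dotted.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def find_repeat_violators(ndjson, now=NOW, lookback=timedelta(minutes=60), threshold=1):
    """Mirror the rule: count guardrail violations per (user, model, account)
    within the lookback window and keep groups with violations > threshold."""
    window_start = now - lookback
    counts = Counter()
    for line in ndjson.splitlines():
        if not line.strip():
            continue
        doc = json.loads(line)
        # timestamp_override = "event.ingested": the window is evaluated on ingest time
        ingested = datetime.fromisoformat(get_field(doc, "event.ingested"))
        if ingested < window_start or ingested > now:
            continue
        # `where gen_ai.compliance.violation_detected`: false and null rows drop out
        if get_field(doc, "gen_ai.compliance.violation_detected") is not True:
            continue
        counts[tuple(get_field(doc, f) for f in GROUP_FIELDS)] += 1
    hits = [dict(zip(GROUP_FIELDS, key), violations=n)
            for key, n in counts.items() if n > threshold]
    hits.sort(key=lambda h: h["violations"], reverse=True)  # `sort violations desc`
    return hits


if __name__ == "__main__":
    for hit in find_repeat_violators(SAMPLE_LOG):
        print(hit)
```

Two things the dry run makes visible. Because the aggregation is keyed on `gen_ai.request.model.id`, a user who spreads violations across models (dave above) never crosses the threshold; drop the model from the `by` clause if per-user behaviour is what you want to alert on. And the "session" is simply the `now-60m` lookback re-evaluated every 10 minutes, so the same pair of violations can produce alerts on several consecutive runs until it ages out of the window.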
Related rules
- AWS Bedrock Guardrails Detected Multiple Policy Violations Within a Single Blocked Request
- AWS Bedrock Detected Multiple Attempts to use Denied Models by a Single User
- AWS Bedrock Detected Multiple Validation Exception Errors by a Single User
- Potential Abuse of Resources by High Token Count and Large Response Sizes
- AWS S3 Bucket Enumeration or Brute Force