AWS Bedrock Guardrails Detected Multiple Policy Violations Within a Single Blocked Request
Identifies multiple violations of AWS Bedrock guardrails within a single request, resulting in a block action, which increases the likelihood of malicious intent. Multiple violations imply that a user may be intentionally attempting to circumvent security controls, access sensitive information, or possibly exploit a vulnerability in the system.
Elastic rule
```toml
[metadata]
creation_date = "2024/05/02"
maturity = "production"
updated_date = "2024/05/02"
min_stack_comments = "ES|QL rule type is still in technical preview as of 8.13, however this rule was tested successfully; integration in tech preview"
min_stack_version = "8.13.0"

[rule]
author = ["Elastic"]
description = """
Identifies multiple violations of AWS Bedrock guardrails within a single request, resulting in a block action,
which increases the likelihood of malicious intent. Multiple violations imply that a user may be intentionally attempting
to circumvent security controls, access sensitive information, or possibly exploit a vulnerability in the system.
"""
false_positives = ["Legitimate misunderstanding by users or overly strict policies"]
from = "now-60m"
interval = "10m"
language = "esql"
license = "Elastic License v2"
name = "AWS Bedrock Guardrails Detected Multiple Policy Violations Within a Single Blocked Request"
references = [
    "https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-components.html",
    "https://atlas.mitre.org/techniques/AML.T0051",
    "https://atlas.mitre.org/techniques/AML.T0054",
    "https://www.elastic.co/security-labs/elastic-advances-llm-security"
]
risk_score = 21
rule_id = "f4c2515a-18bb-47ce-a768-1dc4e7b0fe6c"
setup = """## Setup

This rule requires that guardrails are configured in AWS Bedrock. For more information, see the AWS Bedrock documentation:

https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-create.html
"""
severity = "low"
tags = [
    "Domain: LLM",
    "Data Source: AWS Bedrock",
    "Data Source: AWS S3",
    "Resources: Investigation Guide",
    "Use Case: Policy Violation",
    "Mitre Atlas: T0051",
    "Mitre Atlas: T0054",
]
timestamp_override = "event.ingested"
type = "esql"

query = '''
from logs-aws_bedrock.invocation-*
| where gen_ai.policy.action == "BLOCKED"
| eval policy_violations = mv_count(gen_ai.policy.name)
| where policy_violations > 1
| stats total_unique_request_violations = count(*) by policy_violations, user.id, gen_ai.request.model.id, cloud.account.id
| sort total_unique_request_violations desc
'''
```
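To make the ES|QL pipeline above easier to reason about and to test against known inputs, here is an added Python re-implementation of the same four steps (filter on the block action, count the multi-valued `gen_ai.policy.name` field, keep requests with more than one policy hit, then group and sort). This is example code written for this page, not code from the Elastic rule or the Bedrock integration; the event dictionaries are constructed samples that only mimic the field names the query uses, and the `mv_count` helper is an assumption about how that ES|QL function behaves on single values and missing fields.

```python
"""Offline re-implementation of the rule's ES|QL logic (added example, not Elastic's code)."""
from collections import Counter

# Constructed sample Bedrock invocation events. Field names follow the ones
# used in the rule's query; values are invented for illustration only.
SAMPLE_EVENTS = [
    # alice: one blocked request tripping two guardrail policies -> qualifies
    {"gen_ai.policy.action": "BLOCKED",
     "gen_ai.policy.name": ["sensitive_information_policy", "topic_policy"],
     "user.id": "alice", "gen_ai.request.model.id": "example-model-a",
     "cloud.account.id": "111111111111"},
    # alice: a second blocked request with two policy hits -> same group, count 2
    {"gen_ai.policy.action": "BLOCKED",
     "gen_ai.policy.name": ["word_policy", "topic_policy"],
     "user.id": "alice", "gen_ai.request.model.id": "example-model-a",
     "cloud.account.id": "111111111111"},
    # bob: blocked, but only a single policy fired -> filtered out (not > 1)
    {"gen_ai.policy.action": "BLOCKED",
     "gen_ai.policy.name": "topic_policy",
     "user.id": "bob", "gen_ai.request.model.id": "example-model-a",
     "cloud.account.id": "111111111111"},
    # carol: two policies matched but the action was not a block -> filtered out
    {"gen_ai.policy.action": "NONE",
     "gen_ai.policy.name": ["topic_policy", "word_policy"],
     "user.id": "carol", "gen_ai.request.model.id": "example-model-b",
     "cloud.account.id": "111111111111"},
    # dave: blocked with three policy hits -> qualifies, separate group (3 violations)
    {"gen_ai.policy.action": "BLOCKED",
     "gen_ai.policy.name": ["topic_policy", "word_policy", "sensitive_information_policy"],
     "user.id": "dave", "gen_ai.request.model.id": "example-model-b",
     "cloud.account.id": "222222222222"},
    # an invocation with no guardrail fields at all -> filtered out
    {"user.id": "erin", "gen_ai.request.model.id": "example-model-b",
     "cloud.account.id": "222222222222"},
]


def mv_count(value):
    """Assumed behaviour of ES|QL mv_count: number of values in a multi-valued
    field, 1 for a single scalar value, None (null) when the field is absent."""
    if value is None:
        return None
    if isinstance(value, (list, tuple)):
        return len(value)
    return 1


def detect(events):
    """Apply the rule's pipeline and return the grouped, sorted result rows."""
    counts = Counter()
    for event in events:
        # | where gen_ai.policy.action == "BLOCKED"
        if event.get("gen_ai.policy.action") != "BLOCKED":
            continue
        # | eval policy_violations = mv_count(gen_ai.policy.name)
        violations = mv_count(event.get("gen_ai.policy.name"))
        # | where policy_violations > 1   (a null comparison is false in ES|QL)
        if violations is None or violations <= 1:
            continue
        # | stats count(*) by policy_violations, user.id, model id, account id
        key = (violations, event.get("user.id"),
               event.get("gen_ai.request.model.id"), event.get("cloud.account.id"))
        counts[key] += 1

    rows = [
        {"policy_violations": k[0], "user.id": k[1],
         "gen_ai.request.model.id": k[2], "cloud.account.id": k[3],
         "total_unique_request_violations": n}
        for k, n in counts.items()
    ]
    # | sort total_unique_request_violations desc
    rows.sort(key=lambda r: r["total_unique_request_violations"], reverse=True)
    return rows


if __name__ == "__main__":
    for row in detect(SAMPLE_EVENTS):
        print(row)
```

Two points the re-implementation makes visible: a request where guardrails matched policies but did not block is never counted, and because `policy_violations` is itself a grouping key, the same user produces separate rows for two-policy and three-policy requests rather than one merged total. When tuning the listed false positive (overly strict policies), the `gen_ai.policy.name` values in the matching events show which guardrail policies are firing together.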
Related rules
- AWS Bedrock Guardrails Detected Multiple Violations by a Single User Over a Session
- AWS Bedrock Detected Multiple Attempts to use Denied Models by a Single User
- Enumeration of Privileged Local Groups Membership
- Exchange Mailbox Export via PowerShell
- PowerShell Suspicious Script with Clipboard Retrieval Capabilities