AWS re:Inforce 2025 - COM326

In this AWS re:Inforce 2025 session, Shaoyi Li, a lead cloud engineer at PE Technology and AWS hero, presents an innovative AI-driven solution called "Threat Designer" for automated threat modeling. The presentation focuses on addressing common challenges in threat modeling through a multi-agent system that can analyze system architecture diagrams to identify potential security threats.

The session addresses several key business challenges, including the new risks introduced by AI systems (such as prompt injection and model poisoning), the time-consuming nature of manual threat modeling, and the tendency for security considerations to be deferred until late in the development cycle. The solution integrates both the traditional STRIDE framework and newer AI-specific threat frameworks such as the OWASP Top 10 for LLM.

The presented solution, Threat Designer, is a serverless architecture deployed on AWS that automates threat modeling through a five-node workflow system. The tool provides automated threat identification, AWS-based mitigation solutions, and red teaming capabilities through a chatbot interface. The system transforms threat modeling from a static to a dynamic process, enabling real-time updates as systems evolve and promoting a "security by design" mindset within organizations.

Shaoyi Li

June 27, 2025

Transcript

  1. © 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.

    Hardening Generative AI Applications Using Threat Model Agent
    Shaoyi Li (he/him), AWS Community Hero, PAX Technology
    COM326
  2. Agenda

    01 Why threat modeling
    02 Common challenges with threat modeling
    03 How to address the challenges
    04 AI-Powered Threat Modeling Solution
    05 Architecture overview
    06 Demo
  3. Why threat modeling?

    • Skipping threat modeling leaves applications at high risk (breaches, outages, brand damage).
    • Shift left: detecting and fixing risks in the design phase can reduce security cost by up to 150x.
    • Meet compliance requirements, such as PCI DSS, GDPR, HIPAA, etc.
    • A security architecture design best practice highlighted in the AWS Well-Architected Framework (SEC01-BP07 “Identify threats and prioritize mitigations using a threat model”).
    • Create a security-by-design culture within the organization.
  4. Challenges with threat modeling

    • Novel AI Risks
    • Manual and Complex
    • Static and Stale
    • Later Stages in SDLC
  5. How to address the challenges

    • STRIDE + OWASP Top 10
    • Automated and Streamlined
    • Continuous Updates
    • Security by Design
  6. AI-Powered Threat Modeling Solution: Threat Designer

    Threat Designer is an AI-driven agent designed to automate and streamline the threat modeling process for secure system design.
    Features:
    • Supports threat identification in AI systems
    • Automated threat modeling from a single architecture diagram
    • Dynamic threat modeling as the system scales
    • Mitigate threats in the design phase
  7. AI-Powered Threat Modeling Solution

    Workflow diagram nodes: Start, Image processing, Assets, Flows, Threats, End
    Diagram labels: Continue; Standard; Replay: skip and retrieve from state
    Iterations:
    • auto gap analysis
    • reasoning (4k/8k/16k tokens)
    Input:
    • System architecture diagram (required)
    • Infrastructure as Code template files
    • System Description & Assumptions
    Output:
    • Assets list, data flows, trust boundaries, threat sources
    • Comprehensive threat list generated from STRIDE & OWASP Top 10 for LLMs
    • Mitigations, remediation plan and red teaming plan
  8. Architecture overview
  9. Architecture overview

    • Frontend: Amplify (ReactJS)
    • Authentication: Cognito
    • API: API Gateway
    • Trigger Entries: UI and GitHub Push
  10. Architecture overview

    Backend: Lambda
    • Operate Threat Models
    • Create Threat Model with Agent
    • Chat with Threat Models
  11. Architecture overview

    Database: DynamoDB
    • Agent Execution State
    • Threat Catalog Metadata
    • Threat Model Chat History
  12. Architecture overview

    • AI Model: Claude 3.7 Sonnet on Amazon Bedrock (Converse API)
    • Object Storage: Pre-signed URL from Amazon S3
    • Threats Tracker: Jira REST API
  13. Demo

    • Upload an architecture diagram
    • Upload an IaC file
    • Enable the OWASP Top 10 for LLM framework
    • Enable gap analysis and reasoning
    • Start threat modeling
  14. Demo

    • Threat modeling by a 5-node agent workflow
  15. Demo

    • Mapped to OWASP LLM Top 10 threat
    • Threat modeling results
    • Clear AWS based mitigation actions
  16. Demo

    • Generate remediation strategies with IaC code
    • Predefined sample prompts
  17. Demo

    • Generate red teaming plan
    • Multiple model selection
  18. Conclusion

    • AI-Powered threat model agent: automated, streamlined, scalable
    • Dynamic threat modeling that evolves as the system updates
    • Aligned with novel AI-specific threats
    • Security-by-Design mindset: identify threats at an early stage of the SDLC
    • Conversational mitigation and red teaming solutions
    Future Plan
    • Utilize the AI agent to simulate red teaming and patch itself to enhance threat modeling.
  19. Get the Agent on GitHub!

    https://github.com/awslabs/threat-designer [Threat Designer: AI-powered threat modeling Agent for secure system design]
  20. Thank you!

    Please complete the session survey in the mobile app
    Shaoyi Li
    in/shaoyi-li-cloud
    Shaoyi_cloudsec
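
The replay and gap-analysis behaviour listed on slide 7, shown as an added Python example that is not code from the Threat Designer project. It assumes rule-based STRIDE-per-element checks in place of the model calls, a constructed architecture description in place of the image-processing step, and a plain dict in place of the agent execution state store; all function and variable names are hypothetical.

```python
# Added illustration: node names follow slide 7; the rules, the sample
# architecture and the dict used as the state store are assumptions.
STRIDE = {"external": ["Spoofing", "Repudiation"],
          "process": ["Spoofing", "Tampering", "Repudiation", "Information Disclosure",
                      "Denial of Service", "Elevation of Privilege"],
          "datastore": ["Tampering", "Information Disclosure", "Denial of Service"]}

ARCH = {  # constructed sample: (element type, trust zone) per asset, then flows
    "assets": {"user": ("external", "internet"), "api": ("process", "vpc"),
               "llm": ("process", "vpc"), "chat_history": ("datastore", "vpc")},
    "flows": [("user", "api"), ("api", "llm"), ("api", "chat_history")],
    "llm_assets": ["llm"],
}

def assets_node(state, arch):
    return arch["assets"]

def flows_node(state, arch):
    zone = {name: z for name, (_, z) in state["assets"].items()}
    return [{"id": f"{a}->{b}", "crosses": zone[a] != zone[b]} for a, b in arch["flows"]]

def find_gaps(state, arch, threats):
    """Gap analysis: entries the threat list should contain but does not yet."""
    want = {(f["id"], c) for f in state["flows"] if f["crosses"]
            for c in ("Tampering", "Information Disclosure")}
    want |= {(a, "LLM01 Prompt Injection") for a in arch["llm_assets"]}
    return sorted(want - threats)

def threats_node(state, arch, max_iterations=3):
    # First pass: STRIDE-per-element over the asset list only.
    threats = {(n, c) for n, (kind, _) in state["assets"].items() for c in STRIDE[kind]}
    iterations = 1
    while (gaps := find_gaps(state, arch, threats)) and iterations < max_iterations:
        threats |= set(gaps)          # next pass covers what gap analysis reported
        iterations += 1
    return {"items": sorted(threats), "iterations": iterations}

NODES = [("assets", assets_node), ("flows", flows_node), ("threats", threats_node)]

def run(store, job_id, arch, replay=False):
    state = dict(store.get(job_id, {})) if replay else {}
    executed = []
    for name, fn in NODES:
        if name in state:             # replay: skip the node, reuse its saved output
            continue
        state[name] = fn(state, arch)
        executed.append(name)
        store[job_id] = dict(state)   # checkpoint after every node
    return state, executed
```

A replayed job re-executes only the nodes whose output is missing from the stored state, so an interrupted run does not repeat the earlier steps.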