保障智能体人工智能安全：OWASP、MAESTRO 和现实世界的防御策略 [重复].pdf

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.S E C 4 0 8-RSecuring Agentic AI:OWASP,MAESTRO,and Real-World Defense StrategiesDr.Andrew KaneWW Tech Lead GenAI Security&ComplianceAmazon Web ServicesSatveer Khurpa

2、Sr.WW Specialist SA GenAIAmazon Web Services 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.AgendaAgentic AI security and threat modelingOverviewMAESTRO frameworkOWASP Agentic AI threatsAmazon Bedrock AgentCoreOverviewSecurity and IdentityCloseAdditional material OWASP mitigation

3、s Demo 3LO Auth Demo Identity Reference architectures 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Amazon Confidential and Trademark.The evolution into Agentic AIINCREASING AUTONOMY AND BUSINESS IMPACTGenerative AI assistantsGenerative AI agentsAgentic AI systemsFollow a set of

4、 rules Automate repetitive tasksAchieve a singular goalAddress broader range of tasksAutomate entire workflowsFully autonomousMulti-agent systemsMimic human logic and reasoningM O R EH U M A NO V E R S I G H TL E S SH U M A NO V E R S I G H T 2025,Amazon Web Services,Inc.or its affiliates.All rights

5、 reserved.Amazon Confidential and Trademark.COMPARED TO GENERATIVE AI WORKLOADSHow to think aboutagentic AI security 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Amazon Confidential and Trademark.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Amazon Confiden

6、tial and Trademark.Theres no silver bullet solution with cyber security,a layered defense is the only viable defense.James ScottInstitute for Critical Infrastructure Technology 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Amazon Confidential and Trademark.POLICIES,PROCEDURES,AN