This session demonstrates how quickly and easily enterprise-grade AI security can be applied to your Amazon Bedrock projects. See the new Prisma AIRS AI-security platform in action on AWS: We explore Model Scanning and AI Posture Management; then dive into Runtime Security; and finally examine automated AI Red Teaming and AI Agent Security. Unlock your AI-led innovation - securely.
What this session is about
Playbook
Editorial commentary · what to actually do about this on Monday
The concept
AI security splits into four distinct surfaces: model supply chain (scanning), configuration (posture), inference traffic (runtime), and adversarial probing (red teaming). Each needs different tooling.
Why it matters
Securing AI is not "put it behind a WAF." Prompt injection bypasses traditional perimeters. Models can leak training data. Tool-calling agents have privileges your APIs never granted.
The hard parts
Threat models for agents look different from threat models for APIs. Your existing playbook misses the new vectors.
Playbook moves
(1) Threat-model the agent's tool surface specifically. (2) Separate "data exfil via response" from "command injection via tool call" — they need different controls. (3) Schedule automated red-team runs into the release pipeline.
The surprise
The riskiest agent vulnerability isn't prompt injection — it's *authorisation confusion*. The agent inherits user identity for context but operates with system privileges for execution. Whoever can manipulate the prompt can effectively act as the system. This is the agent-era equivalent of SSRF, and almost no one is testing for it.
---
Independent editorial perspective — not an official AWS or speaker statement. Designed for executives evaluating what to brief their teams on next.
Live updates related to this session LIVE
Sourced via Parallel AI Monitor — continuous web watch on 21 topical streams. Updated .
- aithority.com high confidence Agent governance & policy gating
Operant AI Launches MCP Gateway: Enterprise-Grade Runtime ...
Merge.dev launched Merge Gateway and the Merge Agent Handler, acting as a control plane for production AI by replacing multiple MCP servers with a single secure layer for authentication and operation.
- barndoor.ai high confidence Agent governance & policy gating
The platform for trusted AI action across MCP
Microsoft announced the general availability of Copilot Cowork on June 16, 2026, introducing comprehensive IT governance and admin controls for enterprise tenants, including spending limits, scoped billing policies, usage alerts, and integration with M365 governance systems (audi
- securityledger.com high confidence Agent governance & policy gating
AppViewX Launches Agent Identity Security to Govern Agents ...
Gravitee.io announced capabilities for its AI Gateway and Agentic Access Management to secure MCP servers in production. The solution uses MCP-aware proxies to inspect MCP methods, enforce tool-level access controls, and provide centralized governance over the agent ecosystem.
- alterai.dev high confidence Agent governance & policy gating
description: Secure OAuth credential management for AI agents. Connect, authorize, and audit every tool your agents use, with enterprise-grade security. title: Alter Vault | The Authorization Layer fo
Proofpoint updated its AI Security platform to include 'Govern Claude AI Activity', enabling integration with the Claude Compliance API to monitor and govern AI agent activity.
- devblogs.microsoft.com high confidence Multi-agent collaboration patterns
Microsoft Agent Framework at BUILD 2026
ADK-TS has been released as a TypeScript-native AI agent framework that supports the construction of sophisticated multi-agent systems using hierarchical, parallel, and sequential agent architectures for enterprise-grade applications.
External links matched to this session via topic relevance. The KB does not endorse third-party content; verify before citing.