Securing generative AI: Applying relevant security controls
Security Blog
This article discusses security controls to apply when securing a generative AI application, based on the scope of the application as defined in the Generative AI Security Scoping Matrix introduced in a previous article.
Specifically, the article covers:
- Controls for Scope 1 (consumer applications) and Scope 2 (enterprise applications)
- Controls for Scope 3 (using pre-trained models)
- Additional controls for Scope 4 (fine-tuning models)
- Considerations for Scope 5 (self-training models from scratch)
- Mapping of controls to MITRE ATLAS mitigations
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Mar 27
2024
2024
Securing generative AI: data, compliance, and privacy considerations
Apr 16
2024
2024
A secure approach to generative AI with AWS
Nov 5
2024
2024
Implement effective data authorization mechanisms to secure your data used in generative AI applications
Feb 3
2025
2025
Implement effective data authorization mechanisms to secure your data used in generative AI applications – part 2
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.