AWS Partner Network (APN) Blog

Build Secure Generative AI Solutions with AWS and Zscaler

by Aaron Rohyans, Sr. Principal Solutions Architect – Zscaler
by Gina McFarland, Partner Solutions Architect – AWS

This is an image of Zscaler's logo.
Zscaler
This is an image that says "Want to work with Zscaler?"

Generative AI is moving fast – reshaping how enterprises build, operate, and interact. Organizations are using AI workloads across their operations, from customer service chatbots and code generation to content creation and automated decision-making systems. According to the Zscaler ThreatLabz 2025 AI Security Report, AI/ML tool usage has surged 36x year-over-year. However, security concerns led to blocking 60% of this traffic, underscoring the tension between productivity and protection.

This post demonstrates how AWS and Zscaler’s security controls help protect AI workloads while maintaining compliance and data protection.

Zscaler ThreatLabz 2025 AI Security Report

Figure 1 – Zscaler ThreatLabz 2025 AI Security Report

The OWASP Top 10 for LLMs and Generative AI outlines several security considerations for generative AI adoption. These include managing prompt interactions, implementing model access controls, and safeguarding data during information extraction through Retrieval-Augmented Generation (RAG) implementations. Gartner research projects that by 2028, 25% of enterprise breaches will be traced back to AI agent abuse, highlighting the need for proactive security measures.

AWS and Zscaler provide controls to help secure generative AI implementations, offering visibility, access controls, and data protection throughout the development and deployment lifecycle. This approach helps to maintain security and compliance while maximizing the benefits of generative AI implementations.

AWS provides enterprise-ready tools for building and deploying generative AI applications, each with built-in security controls and content filtering capabilities. Amazon Q, an AI-powered assistant for business tasks and queries, includes administrator-configurable content filtering and access controls. Amazon Bedrock simplifies generative AI development with access to leading foundation models from Amazon and other AI companies. It features Amazon Bedrock Guardrails with Automated Reasoning checks that help validate AI-generated content against domain knowledge with up to 99% accuracy. Amazon SageMaker, a service for building, training, and deploying machine learning models, includes multi-layered security controls throughout the machine learning lifecycle.

Under the Shared Responsibility Model, AWS is responsible for security of the cloud—the infrastructure that runs AWS services. Customers are responsible for security in the cloud, including their data, applications, and access controls. The Zscaler Zero Trust Exchange helps customers fulfill these responsibilities through its globally distributed security solution. This cloud-native service helps enhance both security and performance compared to traditional VPNs and firewalls by brokering connections between users, apps, and workloads. By placing applications behind the Zero Trust Exchange, companies can make them inaccessible to unauthorized users and external networks. This architecture helps separate users and apps from the network, reducing exposure points and limiting lateral movement of threats while protecting data.

Together, AWS and Zscaler provide end-to-end visibility, zero trust access controls, and granular data protection across the generative AI lifecycle—from infrastructure to inputs, models to outputs, and user access to external data fetches.

Better Together: AWS and Zscaler Integrated Security

Zscaler, an AWS Advanced Technology Partner with six AWS Competencies including the AI Security specialization, complements AWS’s secure foundation across key aspects of generative AI workflows including:

  • Input handling and prompt engineering
  • Model access and interaction
  • Integration with external data sources, including techniques like RAG

AWS services provide robust security infrastructure with encryption, fine-grained access controls, and compliance standards. Zscaler complements this foundation with zero trust access and inline enforcement capabilities through identity-aware access controls, Data Loss Prevention (DLP), smart input prompt monitoring and blocking with AI Guard, and Zero Trust egress filtering. Together, AWS and Zscaler solutions secure generative AI interactions and maintain compliance throughout the AI lifecycle.

1. Prompt Ingestion – Securing the Input

Every AI interaction begins with a prompt, which presents inherent security risks. Organizations face challenges such as:

  • Employees inadvertently including sensitive data in prompts
  • Malicious actors attempting to manipulate models through crafted prompts
  • Resource consumption from off-topic or poorly formulated prompts

AWS and Zscaler provide complementary controls to address these risks:

  • Amazon Bedrock Guardrails and Amazon Q moderation tools enforce appropriate model responses and policy compliance.
  • Zscaler’s AI Guard provides real-time inspection of prompts and responses, blocking jailbreak attempts, offensive content, or inappropriate requests before they reach the model.
  • Zscaler DLP and Data Protection enforces policies that help prevent leakage of sensitive data across the generative AI transaction.
Zscaler's Workflow AutomationFigure 2 – Zscaler Workflow Automation
For example, when someone asks a legal compliance AI assistant about vacation planning, Amazon Bedrock Guardrails helps keep responses within defined compliance and regulatory parameters. Zscaler can block this off-topic request before it reaches the model. This integrated approach optimizes resource use and maintains the assistant’s focus on legal compliance tasks.

2. Model and Data – Securing the Core

Generative AI implementations require strong model access control and data governance. Organizations must consider multiple data security aspects:

  • Access control for models and data repositories
  • Data validation for training pipelines
  • Handling of proprietary and regulated content in model responses

Zscaler provides multiple security layers addressing these challenges. At the infrastructure level, Data Security Posture Management (DSPM) discovers, classifies, and tracks sensitive data across cloud environments to identify misconfigurations and risky access patterns. At the traffic level, inline DLP monitors model inputs and outputs to help prevent sensitive data leakage, while smart input monitoring screens for unauthorized content.

AWS provides multiple layers of security controls for AI services. AWS Identity and Access Management (IAM) policies and role-based access controls manage who can access specific resources. Service-level permissions add granular control over features in Amazon Bedrock, Amazon Q, and SageMaker. Additional security features include data encryption, API activity logging through AWS CloudTrail, and private connectivity via Amazon Virtual Private Cloud (VPC) endpoints.

Consider a team uploading customer data to a shared Amazon S3 bucket for AI training. AWS controls provide access restrictions, encryption enforcement, and activity logging. Zscaler’s DSPM solution then identifies sensitive content and potential misconfigurations. This layered approach helps secure data throughout the AI workflow.

3. Retrieval-Augmented Generation: Securing the Internet Query Layer

RAG enhances AI applications by incorporating information from internal repositories, external sources, or both. This integration, particularly with external data from the public internet, requires specific security considerations.

The Zscaler Zero Trust Gateway, a service-based version of the Zscaler Cloud Connector virtual machine, secures internet-based RAG operations at the point of data retrieval by forwarding this traffic through the Zscaler Zero Trust Exchange. The Zscaler Secure Web Gateway, a component of the Zero Trust Exchange, then adds protection by blocking connections to high-risk sites. It filters URLs, scores threats in real time, and enforces zero trust access policies.

AWS supports private, curated data sources through Amazon Bedrock and Amazon Q, allowing organizations to retrieve information from trusted internal knowledge bases and secure endpoints.

Zscaler RAG Protection
If a healthcare chatbot tries to access unauthorized medical websites, Zscaler blocks the connection, protecting against unreliable sources. Alternatively, Amazon Bedrock can be pre-configured to avoid such queries by routing RAG entirely through vetted internal repositories.

Governance and Regulatory Compliance

Enterprises deploying generative AI must comply with regulatory requirements for data protection and AI governance, including Personally Identifiable Information (PII) protection and decision traceability. AWS offers tools like Amazon Bedrock Guardrails to help enforce appropriate model behavior, while IAM provides fine-grained access control and permissions management.

Zscaler complements these capabilities with real-time visibility into prompt and response traffic, detailed audit trails of generative AI interactions, and dynamic policy enforcement based on user, content, and risk levels. It also offers DLP to help meet regulatory requirements and to provide detailed logging for security investigations and compliance reporting.

Looking Ahead: Agentic AI

As generative AI evolves, agentic AI represents the next advancement in automation—autonomous agents that can reason, plan, and act independently to complete complex tasks like IT ticket resolution and data analysis.

Security Considerations for Agentic AI

While agentic AI operates with greater autonomy, securing it builds upon existing principles:

  • Prompt validation across agent-to-agent interactions
  • Access governance for models and knowledge bases
  • Data Protection for sensitive information in agent interactions
  • Secure access controls for external information sources
  • Maintaining operational integrity between agents through authentication and policy enforcement

Organizations using generative AI can extend their existing security controls to address these emerging requirements, leveraging proven patterns for this next generation of AI technology.

Taking Action on AI Security

Organizations at any stage of AI adoption—from deploying individual assistants to orchestrating autonomous agents—need to innovate securely and responsibly at scale.

Get Started:

.
This is an image that says "Connect with Zscaler"
.

Zscaler – AWS Partner Spotlight

Zscaler, an AWS Advanced Technology Partner, has been a leader in zero trust for over a decade and has six AWS Competencies, including the AI Security specialty. The Zscaler Zero Trust Exchange helps protect thousands of customers from cyberthreats and data loss by securely connecting users, devices, applications, and workloads. Distributed globally across 160+ points of presence, the Zero Trust Exchange provides cyberthreat protection, data protection, risk management, and zero trust access controls.

Contact Zscaler | Partner Overview | AWS Marketplace