AWS Partner Network (APN) Blog
Securing AI-driven APIs on AWS with Wallarm
By: Craig Riddell, Global Field Chief Information Security Officer (CISO) – Wallarm
By: Aliaksei Ivanou, Worldwide Security & Identity Senior Partner Solutions Architect (PSA) – AWS
As organizations deploy AI-driven APIs on Amazon Web Services (AWS), security teams have an opportunity to enable rapid AI adoption while maintaining full visibility into how these workloads operate. AWS is architected to be the most secure global cloud infrastructure on which to build, migrate, and manage applications and workloads. Together, AWS and Wallarm deliver a comprehensive security architecture that combines foundational cloud controls with specialized runtime visibility for AI-driven APIs. In this post, you’ll learn why runtime visibility is essential for AI-driven APIs and what capabilities address this need.
The visibility gap in AI security
As AI applications scale in production, the API layer becomes the primary interface for AI interactions. Traditional security controls weren’t designed to provide visibility into what happens at runtime within these dynamic, stateful conversations.
Every prompt, every model response, every tool invocation, and every automated decision flows through APIs. This creates a fundamentally different security surface than traditional applications. Existing controls weren’t designed to answer the following questions AI workloads raise:
- What is this agent doing with the permissions it was granted?
- Is this model response revealing sensitive or confidential information?
- Which APIs are being called by autonomous agents and are they authorized?
- How do you validate outcomes, not just inputs?
This is not about generative AI alone. As organizations move toward agentic systems, multi-service orchestration, and automated decision-making, APIs become the control plane for how everything operates. The difference between what security teams can observe and what is actually happening continues to grow.
The benefits of extending visibility to AI workloads
AWS is architected to be the most secure global cloud infrastructure on which to build, migrate, and manage applications and workloads. AI workloads introduce behaviors that require continuous visibility, and you should work to ensure that your tools and controls provide that visibility.
Issues appear as normal-looking traffic. AI-related security issues often don’t trigger traditional signatures or rules. A prompt injection looks like a valid user request. An over-permissioned agent making unintended API calls appears as authorized traffic. The structure is correct; the intent is not.
Continuous discovery keeps pace with deployment velocity. With runtime visibility, security teams maintain a current inventory of AI services, models, and APIs as they appear in production, confidently answering the question, “What is actually running in production?”
Outcomes are not validated. Security controls have focused on inspecting inputs, validating requests, checking permissions, and filtering malicious content. But with AI, the output matters as much. Model responses can inadvertently disclose sensitive data, reveal internal logic, or provide incorrect information that drives business decisions.
None of this suggests existing controls are insufficient. It means AI workloads require an additional layer of visibility that complements perimeter security with runtime awareness.
Extending AWS security with runtime visibility
The solution is extending your security architecture with capabilities designed specifically for AI workloads. AWS provides strong foundational controls, and Wallarm adds specialized runtime visibility that helps customers observe and respond to AI-specific behavior.
Organizations that successfully secure AI at scale focus on three complementary capabilities:
- Continuous API and AI service discovery – Maintain an accurate, real-time inventory of APIs and AI services in production, including those deployed outside formal processes. This provides the foundation for understanding your actual attack surface.
- Behavioral detection beyond signatures – Identify unintended behavior even when requests appear valid. This includes detecting prompt injection attempts, identifying anomalous agent behavior, and flagging unexpected data access patterns.
- Runtime output validation – Inspect model responses and API outputs before they reach users or downstream systems. This prevents data disclosure, validates response appropriateness, and verifies AI systems operate within defined boundaries.
These capabilities layer into existing AWS architectures without requiring re-architecture. They complement AWS controls by extending visibility into runtime behavior across APIs and AI workloads.
Financial services AI deployment
The following scenario is drawn from common patterns observed across multiple controlled security assessments in the financial services sector and doesn’t represent any specific customer deployment.
A regional financial institution deployed an AI-powered customer service assistant using Amazon Bedrock. The architecture followed AWS best practices, including using Amazon API Gateway for access control, AWS WAF for threat filtering, Amazon CloudFront for content delivery, and Amazon Virtual Private Cloud (Amazon VPC) isolation for network security. The team at the financial institution reviewed and approved the deployment, which met all internal security requirements.
During a proactive security assessment, the team introduced runtime visibility capabilities to evaluate the full AI ecosystem, not only the primary application but all supporting APIs, integrations, and services.
The assessment identified three areas of runtime behavior that existing perimeter controls weren’t designed to surface:
- Prompt injection disclosing internal logic – Carefully crafted prompts can cause the model to reveal information about internal system architecture and business rules.
- Unintended API exposure – A development endpoint remained accessible from the production environment, creating an unmonitored access path.
- Sensitive data in model responses – Under specific conditions, the model included customer financial information in responses that should have been redacted.
When the team implemented runtime visibility, they gained:
- Complete API inventory – Identification of services that hadn’t been formally documented, including shadow APIs deployed by development teams
- Real-time behavioral detection – Ability to identify and block prompt injection attempts and anomalous agent behavior as they occurred
- Output validation – Inspection of model responses before delivery, preventing data disclosure and supporting compliance with data handling policies
The outcome was enhanced security posture without re-architecting the AWS environment.
Measuring success from architecture to outcomes
Security leaders increasingly measure success by what they can observe and prevent in production. Deploying controls is necessary but insufficient—the real indicator is whether those controls reduce the time between a threat appearing and being stopped.
Organizations that add runtime visibility to their AWS security architecture report improvements across three dimensions:
- Coverage – Moving from partial visibility to comprehensive awareness of APIs and AI services in production, including those deployed outside formal processes
- Risk reduction – Decreasing the time between deployment and security validation, reducing the window of exposure for new AI services
- Mitigation effectiveness – Improving the ratio of threats detected to threats prevented, moving from logging and alerting to active prevention
These outcomes translate directly to business value: faster AI deployment with maintained security posture, reduced compliance risk, and increased confidence in AI-driven decision-making.
Moving forward
AI is accelerating how organizations build applications, how systems interact, and how quickly new risks emerge. AWS provides the strong foundation required to build secure, scalable AI workloads. The AWS Partner Network (APN) extends that foundation with specialized capabilities that help customers maintain visibility and governance as AI adoption scales.
The next step is supporting visibility into what is happening at runtime, understanding your APIs, your AI services, and how they interact in production.
Consider these questions as you evaluate your AI security posture:
- Inventory – Do you have complete visibility into APIs and AI services running in production, including those deployed outside formal processes?
- Behavioral risk – Can you detect risky behavior, such as prompt injection, anomalous agent activity, or unexpected data access patterns?
- Output validation – Are you validating AI outputs as well as inputs to prevent data disclosure and verify response appropriateness?
- Outcome measurement – How do you measure whether your security controls are effective, not merely deployed, in preventing threats specific to AI workloads?
Runtime visibility helps organizations extend visibility and governance across AI workloads as they operate in production. To explore how runtime visibility can strengthen your AI security posture, visit Wallarm in AWS Marketplace.
Wallarm – AWS Partner spotlight
Wallarm is an AWS Advanced Technology Partner and independent software vendor (ISV) specializing in API security and AI runtime protection. Wallarm integrates natively with AWS services including Amazon API Gateway, Amazon CloudFront, Elastic Load Balancing (Application Load Balancer), and Amazon EKS to provide continuous API discovery, behavioral threat detection, and runtime output validation for AI workloads. Through the APN, Wallarm helps AWS customers deploy AI with confidence by extending native controls with the runtime visibility layer that modern AI applications require. Wallarm is available in AWS Marketplace, where customers can deploy using existing AWS commitments and streamline procurement.


