AWS for Industries

Securing the future: How AI Agents, Web3, and post-quantum cryptography are helping redefine digital trust

Introduction

As digital identity, artificial intelligence (AI) agents, Web3, and cybersecurity technologies converge, a new paradigm for digital trust is emerging, one in which security, transparency, and innovation reinforce one another. This blog post explores how leading organizations are navigating that convergence, highlighting 1) recent advancements in Web3-based security, 2) real-world AWS use cases that show how organizations can harness Web3 solutions to keep ahead of security threats, and 3) providing some forward-looking strategies to help achieve a quantum-safe future. As these technologies come together, the emphasis will shift to agentic architectures, in which autonomous AI agents collaborate, make decisions, and perform tasks across distributed systems, setting the stage for unprecedented levels of automation and digital trust.

1. Digital identity evolution: From traditional IAM to Web3 solutions

Modern digital identity solutions are rapidly evolving. Traditional, centralized identity and access management (IAM) systems are being enhanced by Web3-based decentralized identifiers (DIDs). These unique, globally verifiable identifiers serve as portable credentials that give individuals and organizations control over their digital identities without reliance on centralized authorities. The shift facilitates persistent, context-aware trust across platforms while preserving data portability and user sovereignty—helping to realize the principle that users should have full ownership and control over their digital identity and data. Platforms like AWS Identity and Access Management, a service for securely managing identities and access to AWS services and resources, are being combined with Web3-based frameworks to help facilitate secure, scalable management of human identities, AI agents, and digital assets. That integration helps support customer compliance with stringent know your customer (KYC) and anti-money laundering (AML) regulations, which are important in facilitating commercial interactions in finance, automotive, healthcare, and other regulated sectors.

The rise of Web3 wallets as digital-identity hubs also marks a paradigm shift from traditional methods of storing and verifying identity through centralized institutions to a decentralized model where individuals have agency and control of personal data and authentication. These wallets empower users to store and manage access not only to digital assets, but also verifiable credentials and DIDs. Advanced custody solutions now offer a spectrum of access levels, from fully self-custodial approaches to hybrid models with institutional recovery mechanisms, helping balance security with user experience. Standardized protocols allow users to carry verified credentials and reputations across platforms, giving individuals and institutions granular control over data sharing. Smart contracts, which consist of codified business logic, can automate credential verification and access rights on digital wallets, supporting privacy-preserving compliance. The result is a user-centric identity ecosystem that balances security, convenience, and privacy.

2. Three Real-World AWS Use Cases

Use Case 1: TRM, AWS, and the future of Web3 security

A major trend transforming financial services is the rise of digital asset tokenization, in which traditional financial assets are converted into digital tokens on blockchains or distributed ledger platforms. Stablecoins represent a specific type of tokenized asset designed to maintain a stable value by being pegged to fiat currencies like the US dollar, although more complex examples include tokenized ETFs or Treasury Bill funds. Tokenization of digital assets facilitates the direct, programmable ownership and transfer of assets, reducing reliance on intermediaries, streamlining settlement, and unlocking new efficiencies. The tokenized assets market is undergoing remarkable transformation, with projections indicating growth from $2.06 trillion in 2024 to approximately $16 trillion by 2030, according to Boston Consulting Group analysis. Leading institutions like Goldman Sachs, J. P. Morgan, and the European Investment Bank are already issuing digital instruments on public Distributed Ledger Technologies (DLTs). As financial institutions look to modernize and innovate, blockchain and tokenization solutions on AWS are helping redefine asset management, settlement, and digital trust for the next era of finance.

AWS supports customers building DLTs and digital asset workloads by providing technical guidance on architecture best practices, business logic patterns and AWS infrastructure recommendations for blockchain nodes, data indexing, asset tokenization, and more. AWS Web3 specialists also work closely with industry partners to curate partner solutions that help address key customer use cases and can be utilized alongside net-new or existing AWS architectures.

As AI capabilities expand, criminals are able to employ increasingly sophisticated AI tools to automate hacks, orchestrate complex fraud schemes, and evade detection. Security teams are working to counter these efforts by implementing new detection and prevention strategies, removing traditional human bottlenecks and creating new challenges for compliance and security teams. At the forefront of these efforts is AWS partner TRM Labs (TRM), which provides Web3 and blockchain intelligence solutions that support anti‑fraud, AML, and risk detection. TRM is using AWS to develop AI-powered solutions to help safeguard decentralized ecosystems.

How TRM uses AI

  • Behavioral Intelligence and pattern recognition

TRM has pioneered blockchain investigations with its Behavioral Intelligence platform, which combines AI-driven pattern recognition (Signatures) and contextual transaction analysis (Transfer Labels). These tools help empower investigators to quickly identify and visualize sophisticated money laundering techniques, fraud, and other typologies that might otherwise go unnoticed. Transfer Labels enrich the context of on-chain transactions, helping reveal not just the flow of funds but also intent, such as contract creation, ransom payments, or theft, making blockchain data more actionable for compliance teams and law enforcement.

  • AI-Driven Wallet Screening and scam detection

TRM’s Wallet Screening solution uses AI-powered intelligence to continuously detect emerging scams in near real time. This empowers financial institutions and exchanges to proactively block fraudulent transfers before funds leave customer accounts, provide early warnings to users, and reduce institutional liability from authorized push payment (APP) fraud. The system is supported by nearly million firsthand victim reports from TRM’s Chainabuse platform and is continuously updated by expert human analysts and AI‑driven insights.

  • Near real-time threat monitoring and adaptive models

transactions in near real time, prioritize risks, and generate actionable alerts. Institutions can train adaptive AI models to recognize evolving scam and fraud techniques, including deepfake content and synthetic media threats, facilitating rapid responses to new attack vectors.

The role of AWS in TRM’s AI-driven security

AWS provides the secure, scalable infrastructure that helps power TRM’s AI analytics and blockchain intelligence. By using advanced AI and machine-learning capabilities provided by AWS, TRM can process vast amounts of blockchain data, deliver near real-time insights, and adapt with the rapidly evolving landscape of AI-facilitated crime. Customers using the quantum-safe roadmap developed by AWS benefit from a further enhanced security posture, helping protect sensitive blockchain data and AI models against both current and future quantum threats.

  • Why this matters

The collaboration between TRM and AWS demonstrates how AI is both a new vector for risk and a critical line of defense. By combining advanced AI-driven analytics, near real-time monitoring, and quantum-safe infrastructure, organizations can stay ahead of the adversaries that are weaponizing AI. An intelligence-led approach is essential because both the scale and sophistication of digital threats continue to grow, and financial institutions, regulators, and law enforcement all need to protect the integrity of the digital-asset ecosystem.

Use Case 2: Manifest’s AI Bill of Materials in automotive manufacturing

As vehicles become increasingly software-defined and connected, the automotive industry faces mounting challenges in managing software and AI supply chain risks, especially with regulations like UNECE R155 now in effect and related standards such as ISO/SAE 21434. The AI Bill of Materials (AIBOM) by Manifest provides a robust solution for automotive manufacturers and suppliers to help address these challenges. Manifest’s AIBOM uses several AWS services to help deliver transparency and security for automotive manufacturers, suppliers and businesses across the AI supply chain. To store datasets and manifest files, Manifest uses Amazon Simple Storage Service (Amazon S3), which provides object storage built to retrieve any amount of data from anywhere. Manifest also uses Amazon SageMaker, AWS’s AI lifecycle and AI model training tool, to build, train and deploy machine learning (ML) models at scale. Manifest’s AI solution uses Amazon Inspector, which provides automated and continual vulnerability management at scale, for exporting and analyzing software bills of materials (SBOMs) and related vulnerability data. These integrations help automotive and manufacturing suppliers and business organizations maintain an updated inventory of models, datasets, dependencies, and deployment locations, as well as respond more quickly to incidents and enforce policies around trusted AI components.

How Manifest helps supports automotive security and compliance across the automotive and manufacturing industry

  • Comprehensive inventory and traceability

Automotive original equipment manufacturers (OEMs) and tier-one suppliers use the Manifest Platform to maintain a near real-time inventory of AI models and datasets deployed across vehicle platforms and production lines. This includes tracking dependencies, managing custom model development libraries, and documenting where each AI component is used within the broader vehicle ecosystem.

  • Rapid incident response

If a vulnerability or poisoned dataset is discovered in a machine learning model used for autonomous driving or advanced driver-assistance systems (ADAS), the Manifest Platform enables automotive cybersecurity and product security teams to quickly identify the affected vehicles or systems. This visibility allows OEMs and their tier-one suppliers to isolate and remediate impacted models or components before safety incidents or large-scale recalls occur.

  • Regulatory compliance

The Manifest Platform helps automotive manufacturers and suppliers streamline their compliance efforts with global automotive cybersecurity regulations such as UNECE WP.29 R155/R156, ISO/SAE 21434, and ISO 24089. By automating the creation and maintenance of AIBOMs, organizations can demonstrate due diligence in tracking and securing AI components, supporting both regulatory audits and internal risk governance processes.

  • Policy enforcement and mitigating third-party risks

Automotive third-party risk and compliance teams use the Manifest Platform to enforce organizational policies for evaluating and approving AI models and datasets before integration into production systems. This process strengthens the vetting of third-party and open-source AI components, helping prevent the introduction of vulnerabilities or unverified models into vehicle software ecosystems.

  • Ongoing vulnerability management

After vehicles are deployed, OEMs and suppliers can use the AIBOM to continuously monitor for newly disclosed vulnerabilities or license risks across both proprietary and supplier-provided AI software. This ongoing vigilance helps reduce the cost and scope of post-production recalls while supporting the long-term safety, reliability, and commercial viability of vehicles in operation.

Use Case 3: Post-Quantum Security for Autonomous Systems. Immutable Audit Trails, Verifiable Data & Identity, and Model Traceability

As the automotive and autonomous systems—self-operating systems or networks capable of performing tasks and making decisions independently. accelerate toward software-defined, connected, and AI-powered platforms, the need for quantum-safe security and robust digital trust is paramount. AWS is at the forefront of this transformation, providing a comprehensive, phased migration to post-quantum cryptography (PQC) that spans the entire cloud environment. This includes protecting vehicle-to-everything (V2X) communication, securing over-the-air updates, and safeguarding AI model deployments. Through scalable implementation pathways and hybrid cryptographic solutions, AWS enables manufacturers to future-proof their security measures while maintaining compliance with emerging standards, ensuring that autonomous and connected vehicles remain secure in both the present and quantum computing future.

Key Innovations:

  • Immutable Audit Trails: Now that AWS has sunset its Quantum Ledger Database service, Aurora PostgreSQL is the recommended migration path for organizations requiring secure audit trails and data verification capabilities. While Aurora PostgreSQL provides robust audit logging and data integrity features, organizations needing cryptographic verification may want to explore additional solutions like ScalarDL, which offers comparable immutable ledger capabilities.
  • Verifiable Data & Identity: Using post-quantum digital signatures (ML-DSA) and decentralized identity frameworks, AWS helps enable organizations to issue, verify, and manage credentials and data with quantum-resistant assurance. This is essential for authenticating devices, users, and AI agents across distributed, autonomous environments, and for supporting privacy-preserving, cross-platform identity management.
  • Model Traceability & Provenance: With AWS services like SageMaker, S3, and Inspector, organizations can maintain a real-time, cryptographically signed inventory of all AI models, datasets, and dependencies. This helps enables customers to have full traceability from model creation to deployment, ensuring that every AI component’s origin, version, and update history are auditable and verifiable critical for safety, compliance, and rapid incident response.
  • Quantum-Safe Cryptography: AWS has implemented NIST-standardized PQC algorithms (ML-KEM for key establishment, ML-DSA for digital signatures) across key services, including AWS KMS, ACM, and Secrets Manager. This helps protects both data in transit and long-lived digital signatures, future-proofing critical systems against quantum threats.
  • End-to-End Trust for Autonomous Systems: By embedding quantum-resistant roots of trust and incorporating immutable audit trails, organizations can secure over-the-air updates, V2X communications, and AI-driven decision-making processes. Every transaction, credential, and model update is cryptographically verifiable, supporting both operational integrity and regulatory requirements. AWS enables quantum-safe security through integrated services: Certificate Manager, Private Certificate Authority, and CloudTrail provide roots of trust and audit capabilities, while IoT Core secures over-the-air updates and Network Firewall protects V2X communications. SageMaker safeguards AI decision-making, with AWS KMS ensuring cryptographic verification of all transactions and updates. This comprehensive framework scales seamlessly with autonomous system deployments while maintaining stringent security standards.
  • Continuous Compliance and Rapid Response: Modern automotive cybersecurity teams must maintain comprehensive oversight across the entire vehicle lifecycle in alignment with any applicable standards, such as those provided by UNECE R155, ISO 21434, and the EU Cyber Resilience Act. When security incidents occur, whether involving AI model compromises or unauthorized system access, teams can leverage advanced traceability systems to perform thorough forensic analysis, with documented remediation workflows helping confirm that all corrective actions meet the stringent requirements for type approval maintenance. The integration of real-time monitoring and automated response protocols, combined with three-year verification cycles, enables manufacturers to maintain their cybersecurity management system (CSMS) certification while demonstrating continuous compliance across the vehicle’s entire lifecycle – from concept through decommissioning. AWS empowers automotive cybersecurity teams through integrated security services: AWS Security Hub and Config enable continuous compliance monitoring against key standards (UNECE R155, ISO 21434, EU Cyber Resilience Act), while Amazon Detective and CloudWatch provide forensic analysis capabilities. AWS Systems Manager Incident Manager automates response protocols, and GuardDuty delivers real-time threat detection. With AWS Audit Manager supporting CSMS certification cycles and Control Tower ensuring scalable governance, manufacturers can maintain comprehensive security oversight throughout the vehicle lifecycle. CloudTrail’s immutable logging completes this robust security framework, enabling rapid incident response and continuous compliance from development through decommissioning.

AWS’s PQC migration plan is already being realized: ML-KEM-based hybrid post-quantum key agreement is now supported in AWS KMS, ACM, and Secrets Manager, and will roll out to all AWS HTTPS endpoints in the coming years. This allows automotive platforms to adopt quantum-safe cryptography for both data in transit and long-lived digital signatures, with the goal of developing resilient security postures.

3. Forward-Looking Strategies for Securing Digital Trust Across AI, Web3, and the Quantum Era

  1. Cross-Industry Collaboration & Technology Innovation:
    Organizations should actively participate in cross-sector alliances and open standards bodies to help accelerate the adoption of quantum-safe, AI-driven, and decentralized technologies. Notable examples include the Linux Foundation’s Post-Quantum Cryptography Alliance (PQCA), which develops open-source PQC implementations, and the PQC Coalition (PQCC), which fosters cross-border alignment on cryptographic standards. In the automotive sector, the Automotive ISAC (Auto-ISAC) is forming a post-quantum working group to help address emerging cryptographic threats to connected vehicles and to develop industry-wide migration strategies.
  2. Standardization & Regulatory Evolution:
    As technology advances, aligning with a rapidly evolving regulatory landscape is essential. In the Web3 space, the GENIUS Act marked a major development, and the Digital Asset Market Structure Bill could further change the regulatory landscape. For PQC, federal mandates such as the National Security Memorandum (NSM-10) will require U.S. agencies to migrate to quantum-resistant cryptography by 2035, with annual OMB reporting to ensure accountability. Organizations are aligning with laws such as the EU AI Act and global standards like NIST PQC and ISO 27001 to ensure consistent governance and interoperability across regions and jurisdictions.
  3. Proactive Risk Management & Continuous Improvement:
    Securing digital trust demands a culture of continuous, proactive risk management. AWS exemplifies this with efforts in the phased PQC migration plan, including hybrid cryptography rollouts (ML-KEM for TLS 1.3), cryptographic inventories, and FIPS 140-3 validated open-source libraries (AWS-LC, s2n-tls). In Web3, compliance with new stablecoin and digital asset regulations, combined with the use of inventory tools like SBOM, AIBOM, and CBOM, ensures that organizations can quickly adapt to emerging threats and maintain trust in a dynamic environment. AWS is adopting the latest NIST-standardized PQC algorithms ML-KEM for key establishment, ML-DSA for digital signatures, and SLH-DSA as a quantum-resistant backup prioritizing CNSA 2.0-compliant variants for maximum security and regulatory alignment. AWS Professional Services plays a critical role in guiding customers through this transition, offering expert support for cryptographic audits, hybrid deployments, and strategic shifts in prioritizing crypto agility and efforts to comply with evolving standards. By working closely with customer teams and trusted partners, AWS helps organizations implement secure-by-design solutions, address quantum and AI-driven threats, and ensure resilient, auditable deployments across industries.

Conclusion: Building Resilient Digital Trust for the Quantum Age

Trust is the foundation of every digital relationship. As digital identity, AI, quantum computing, and decentralized technologies converge, the stakes for safeguarding trust have never been higher. The rise of quantum computing presents both transformative opportunities and existential risks demanding that organizations not only prepare for today’s threats but also anticipate those of tomorrow. The convergence of these technologies is accelerating the need for secure-by-design systems, while regulatory frameworks and global standards are catching up to ensure innovation does not outpace security. Proactive adoption of post-quantum cryptography, robust risk management, and cross-industry collaboration are becoming strategic imperatives. By acting now, investing in resilient cryptographic foundations, and fostering a culture of continuous improvement, organizations can ensure that digital trust endures, helping enable the safe evolution of AI, Web3, and the global digital economy in the quantum era.

Adewale (Wale) Omoniyi

Adewale (Wale) Omoniyi

Adewale (Wale) Omoniyi is a Principal Strategist in Cybersecurity specializing in Web3, Cloud Computing, AI systems, and automotive industry technology security. With over 20 years at Accenture, IBM and currently AWS, he has led cybersecurity and digital transformation initiatives for federal, commercial, defense, and automotive industry clients. His expertise spans blockchain, supply chain security, post-quantum computing, and AI security frameworks. He holds a BBA from Temple University, an MBA from New York University, NYU Stern School of Business and has earned multiple industry certifications including (CISSP, CISM, CRISC, CDPSE, AWS Certifications).

Alexa Rzasa

Alexa Rzasa

Alexa Rzasa is Head of Marketing at Manifest. She brings years of experience leading cybersecurity marketing at Respond Software, FireEye, Mandiant, and Google Cloud. She has helped launch and scale solutions that protect organizations worldwide and is dedicated to making world-class security more accessible to every business.

Ari Redbord

Ari Redbord

Ari Redbord is the Global Head of Policy at TRM Labs, the blockchain intelligence company. Prior to joining TRM, Ari was the Senior Advisor to the Deputy Secretary and the Undersecretary for Terrorism and Financial Intelligence at the United States Treasury. In that position, Ari worked with teams from the Office of Foreign Assets Control (OFAC), the Financial Crimes Enforcement Network (FinCEN), and other Treasury components to use sanctions and other regulatory tools effectively to safeguard the financial system from illicit use by terrorist financiers, weapons of mass destruction proliferators, drug kingpins, and other rogue actors, including Iran, Syria, North Korea and Venezuela. In addition, Ari worked closely with regulators, the Hill and the interagency on issues related to the Bank Secrecy Act, cryptocurrency, and anti-money laundering strategies. Prior to Treasury, Ari was an Assistant United States Attorney for the District of Columbia for eleven years where he investigated and prosecuted terrorism, espionage, threat finance, cryptocurrency, export control, child exploitation and human trafficking cases.