Overview
Ensure the data in generative artificial intelligence (genAI) models built using AWS storage services are free of viruses, ransomware, trojans and other malicious payloads by scanning it with GenAI Secure by Cloud Storage Security. You can also use the same solution to scan genAI output like text and chat to ensure no sensitive data is leaked. Ensure data integrity by mitigating risk in your genAI applications - find and isolate malicious data; safeguard sensitive information.
HOW THIS SOLUTION IS DIFFERENT
- Multi-Engine Technology
- Multiple Scanning Models
- Static, Dynamic & Forensic Analysis
- Custom RegEx
- Configuration Intelligence
- Simplified Setup
- Security First Approach with In-Tenant Scanning
Engines Identify malware at petabyte scale by leveraging the power of Sophos, CrowdStrike, or ClamAV®. Engines may be used individually or simultaneously to optimize accuracy and performance.
Scanning Models GenAI Secure offers three flexible scanning options that integrate seamlessly into your workflow:
- Event - scan new data in real time when dropped into storage (easy to integrate into workflows because minimal code changes are needed)
- Retro - scan existing data on demand or via schedule (use to baseline data and for compliance audits)
- API - scan data in real time via a REST-based API before they are written (useful for blocking malware uploads or if you initiate a workflow where the scan dictates whether a file should be stored/used based on scan verdict)
Analysis Analyze files in real time with Static and Dynamic Analysis powered by the SophosLabs Intelix™ Platform. GenAI Secure also provides Forensic Analysis via an Amazon Bedrock integration that provides additional information about the detected malware as well as remediation suggestions.
Custom RegEx Leverage the GenAI Secure-Amazon Bedrock integration to write custom regular expression (RegEx) policies. All you need to do is enter a simple text prompt to identify patterns or text and the exact value you need for the rule will be created. GenAI Secure also comes with predefined policies for common personally identifiable information items like social security numbers or credit card numbers.
Configurations Quickly gain visibility into misconfigurations including publicly accessible buckets as well as encryption status via a single unified dashboard.
Setup Deploy via AWS CloudFormation or Terraform in less than 10 minutes. Initial scanning setup takes less than 5 minutes with just a few clicks of the mouse. Follow the Getting Started Guide: https://help.cloudstoragesec.com/getting-started/summary/ .
Security First GenAI Secure installs and runs in your AWS account, so data never leaves your environment or region. Additional ways to further enhance security include centralized security services account deployment with linked accounts and a private VPC endpoint deployment option.
CUSTOMER-FAVORITE FEATURES
- Automated serverless architecture
- Real-time, scheduled & on-demand scanning
- Easy management console, built-in dashboards & detailed reporting
- Automatic data discovery & scaling across multiple accounts & regions
- XL file scanning
- Problem file remediation (automatic Quarantine, Tag, Delete)
- Robust notifications & integrations - this solution integrates with third party ticketing, Slack, Microsoft Teams, Amazon Chime, SIEM, Amazon SNS, AWS Security Hub, AWS CloudTrail, AWS Control Tower, AWS Transfer Family, and more
ONLY PAY FOR WHAT YOU SCAN Pricing at payment terms that fit with your procurement process. We offer pay-as-you-go pricing, prepaid discounts, and private offers. Contact us at https://cloudstoragesec.com/contact to discuss the best pricing option for you.
Highlights
- GenAI Secure is a completely in-tenant deployment so data never leaves your AWS account or VPC for scanning. Plus, you get enterprise-level features that include extra large file scanning, multiple malware engines, built-in prevention, and automatic quarantine.
- When building genAI applications, data inputs can contain malicious code and data outputs can pass on sensitive information when they should not. GenAI Secure leverages Amazon Bedrock to (1) help you write custom regular expression (RegEx) policies so you can prevent sensitive data in user inputs and FM responses from being exposed; (2) provide forensic analysis and generate remediation suggestions so you can more quickly analyze data flagged as suspicious and take action.
- We support the storage services you use to house GenAI model data as well as output data. This includes Amazon S3, Amazon EBS, Amazon EFS, and Amazon FSx.
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Cost/unit |
---|---|
Free Trial Usage | $0.001 |
Monthly Subscription - includes 100GB of premium engine scanning | $99.00 |
Scanning above 100GB (per GB) | $0.80 |
Premium engine add-on above 100GB (Sophos per GB) | $1.00 |
Malware file static analysis (Sophos per file) | $0.05 |
Malware cloud detonation (Sophos per file) | $0.50 |
Used to track included GB | $0.001 |
One time fee used for special pricing offers | $0.001 |
Premium engine add-on above 100GB (CSS Premium per GB) | $1.00 |
Vendor refund policy
We do not currently support refunds, but you can cancel at any time.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Console Deployment and Permission Setup
- Amazon ECS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Additional details
Usage instructions
Subscribing to this product will take you through the sign-up and deployment process. Deployment consists of launching a CloudFormation Template provided to you on the last configuration page of signup (also located in the Help Docs). Once Stack creation is completed, look to the Stack Outputs for the Console access URL and open that in your browser. Any additional deployment and management tasks are performed from within the Console.
For detailed steps on how to subscribe, deploy and use the product, please review: http://help.cloudstoragesec.com/getting-started/how-to-subscribe/
Support
Vendor support
If you need help, let us know! Please do not hesitate to contact us with questions or to get started with a proof-of-concept (POC) at https://cloudstoragesec.com/contact . Support engineers are online Monday-Friday and aim to respond to emails within 1 business day. If you need faster response times or technical support over the phone/via video, Premium Support and Professional Service plans are available for purchase; for more information, visit https://cloudstoragesecurity.com/support . Also, customers often find the answers they need in our Help Docs at
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.