{“lastseen”:”2026-06-04T14:05:08″,”description”:”**TL;DR** \\n – AI deployment has outpaced AI governance. Most enterprises running AI on AWS cannot answer four basic security questions about what’s running, what it’s doing,how to stop it, and how to prove it’s under control. \\n – The Wallarm AI Control Platform closes this gap: one platform for Discover, Observe,Enforce, and Govern \u2014 running natively in your AWS environment. \\n – Infrastructure Discovery maps your AWS estate in minutes. AI Hypervisor instruments EKS in minutes with zero code changes, enforces at the kernel level, and generates continuous compliance evidence for EU AI Act and SOC 2.\\n\\nEvery week, someone in your organization stands up an AI service. Maybe they told security about it, but probably not. By the time it shows up in your inventory, it has been running for weeks, processing data, calling external APIs, and doing things nobody formally reviewed.\\n\\nAccording to McKinsey, 88% of organizations now use AI in at least one business function, but only 30% have reached a meaningful level of maturity in AI governance.The gap between what security teams think is running and what is actually running compounds at AWS scale: a mid-size enterprise following AWS’s recommended multi-account strategy runs 100 to 200 AWS accounts, each an independent security boundary, each able to spin up AI services in minutes without security’s knowledge.\\n\\nAnd the tools most teams are using were not built for this. SIEMs see logs after the fact. WAFs see HTTP payloads but not what the AI is actually deciding. GuardDuty fires alerts nobody can contextualize because nobody knows what workload was involved, who triggered it, or what it was doing at the time.\\n\\n**Detection without context is noise. Noise without enforcement is a liability.**\\n\\n## **What Four Questions Do AI Security Teams Need to Answer?**\\n\\nWhen security teams start taking AI governance seriously, they run into the same four walls:\\n\\n**What AI is actually running in our environment?** Not what was approved. Not what is in the manifest. What is actually running, including the services nobody told IT about.\\n\\n**What is our AI doing at runtime?** Which agents are making calls to external services? What data are they touching? Which user triggered which chain of actions?\\n\\n**Can we stop bad AI behavior before the damage is done?** Not log it. Not alert on it after the fact. Stop it, right now, at the connection level.\\n\\n**Can we prove to auditors that our AI is under control?** EU AI Act enforcement starts in August 2026. Fines run up to 3% of global annual turnover for governance failures, and that is before you account for the third-party risk exposure. Every AI service that bypassed vendor review is also a potential unmanaged third-party relationship under OCC guidance, NYDFS Part 500, and model risk frameworks like SR 11-7. The question is not whether regulators care. It is whether you can show them a defensible record when they ask.\\n\\n_If your honest answer to any of those is \u201cnot really,\u201d you are not alone. But you are exactly who we built this for._\\n\\n## **What is the Wallarm AI Control Platform?**\\n\\n\\n\\nThe Wallarm AI Control Platform is a runtime AI governance platform that discovers, observes, enforces, and governs AI workloads across AWS environments. It\u2019s the only platform that integrates AI security and API security into one closed loop. Wallarm has protected APIs for years. The same platform that secures the APIs underneath your AI now governs the AI itself. That continuity matters: you are not bolting on a new vendor for a new problem. You are extending a platform you already trust into the layer that sits above it.\\n\\nThe Wallarm AI Control Platform delivers what the industry has been missing: The Wallarm AI control loop (discover, observe, enforce, govern) automated and continuous. This is what AI governance in production looks like: not a compliance checkbox, but a continuously running control layer that gives every AI workload in your AWS estate a behavioral owner. Here is what that looks like in practice. A new AI agent spins up in an AWS account your security team does not know exists. Infrastructure Discovery finds it within minutes and surfaces it on the relationship graph, attributed to the engineer who created it. AI Hypervisor begins instrumenting it at the kernel level, tracing every call it makes to external services. When it routes a request that carries PII outside an approved boundary, the enforcement engine blocks it before it reaches the model provider. And the entire sequence is logged in the compliance record that will be ready when your auditor asks for it.\\n\\nThat loop does not require a ticket, a deploy cycle, or a security review that happens three sprints later. It closes automatically.\\n\\nThe AI Control Platform launches today with two products.\\n\\n## **Infrastructure Discovery: The Territory Map**\\n\\n\\n\\nBefore you can govern your AI, you need to know what you have. And that does not just mean an inventory of AI agents. It means knowing every EKS cluster, Lambda function, API Gateway, VPC, and load balancer across every AWS account in your environment, because that is the infrastructure your AI workloads run on. If you cannot see the stack underneath the AI, you cannot govern the AI sitting on top of it.\\n\\nThat sounds obvious. It turns out to be genuinely hard at scale.\\n\\nIf you follow AWS\u2019s recommended multi-account strategy, you might be running hundreds of AWS accounts. Each one is an independent security boundary. Each one can spin up EKS clusters, Lambda functions, AI agents, and model API integrations in minutes, often without security knowing it happened. And each undisclosed service is potentially a third-party vendor relationship that has not gone through your risk management process.\\n\\nInfrastructure Discovery uses cross-account IAM role assumption to scan every registered AWS account, across every region, and builds a live relationship graph of everything it finds: compute, network, API Gateway, Lambda, and IAM resources, with CloudTrail attribution showing who created each asset. That shadow AI service spinning up in an account your team does not monitor surfaces within minutes, not weeks.\\n\\nDiscovery also makes your existing AWS security investments work harder. It syncs the findings Security Hub aggregates from GuardDuty, Inspector, IAM Access Analyzer, Macie, and AWS Config, placing each one directly on the relationship graph node it affects, rewritten in plain language so analysts can act on them. GuardDuty fired in account 847? You see which asset the finding is attached to, what it connects to, and who created it.\\n\\n**What you get:**\\n\\n * Undeclared AWS resources surfaced within minutes across every account and region, attributed to the engineer who created each one\\n * Live relationship graph that shows what each asset connects to and who owns it\\n * Security Hub findings placed on the graph with full asset context, rewritten in plain language\\n * Know what changed and when, down to the field level, across every account\\n\\n\\n\\n## **AI Hypervisor: Runtime Visibility and Control**\\n\\n\\n\\nInfrastructure Discovery maps your AWS estate. AI Hypervisor watches what your AI does inside it.\\n\\nIt deploys as a Kubernetes DaemonSet on Amazon EKS via Helm. Label a deployment, and instrumentation begins in 60 seconds. No application code changes, no sidecars, no restarts. It works across Python, Go, Node, Java, Ruby, and generic containers, and covers every major model provider: AWS Bedrock, Anthropic, OpenAI, Azure OpenAI, Google Gemini, Cohere, Mistral, Together, Groq, and Replicate.\\n\\nThe mechanism that sets AI Hypervisor apart is eBPF combined with patented non-invasive analysis. It operates at the kernel level, which means it sees every outbound connection an AI workload makes. Not just LLM calls. Calls to S3, internal APIs, databases, Slack, anywhere an agent reaches. No other tool in this space does this without modifying or instrumenting the application itself. That matters most for compiled languages, legacy systems, and enterprise applications where instrumentation is not an option.\\n\\nEvery call is attributed back to the user or session that triggered it, across service hops, even when applications do not propagate trace headers. That attribution is the difference between \u201can agent did this\u201d and \u201cthis agent, acting on behalf of this user, did this at 14:03.\u201d\\n\\nSensitive data detection runs inline. Credit cards, SSNs, passports, email addresses, API keys, JWT tokens, and dates of birth are flagged in real time as they move through pipelines. When an enforcement policy triggers, it blocks at the egress boundary. When a session is compromised, operators revoke it by user identity or trace ID and the connection drops at the kernel. No pod restart. No deploy cycle.\\n\\nAnd because compliance is driven by evidence, AI Hypervisor generates that evidence continuously: a coverage heatmap, an AI inventory with full component and CVE detail, session audit logs with payload traces, and sensitive data flow records. When August arrives, the team is ready.\\n\\n**What you get:**\\n\\n * Instrumentation in minutes with zero code changes, across every major language and container type\\n * Every call attributed to the user who triggered it, across service hops, with no trace header dependency\\n * Inline PII and credential detection across credit cards, SSNs, passports, API keys, JWT tokens, and more\\n * Enforcement at the kernel: block calls, revoke sessions by user or trace ID, rate-limit, no pod restart required\\n * Continuously generated compliance evidence for EU AI Act, SOC 2, and model risk frameworks, audit-ready at any time\\n\\n\\n\\n## **The Wallarm AI Control Loop: One Platform. One Control Plane.**\\n\\nInfrastructure Discovery maps the territory. AI Hypervisor instruments, observes, enforces, and produces the evidence. The same platform that secures the APIs underneath your AI now governs the AI itself. Together, they close the loop that every other tool in your stack leaves open.\\n\\nYour AI is already running. Find out what it\u2019s doing before your next audit does.\\n\\n**See what\u2019s running in your environment \u2192****wallarm.com\/request-demo**\\n\\n## **Frequently Asked Questions (FAQ)**\\n\\n**What is the Wallarm AI Control Platform?**\\n\\nThe Wallarm AI Control Platform is a unified AI governance and API security platform that discovers AI workloads, observes their runtime behavior, enforces policy at the connection level, and produces continuous compliance evidence \u2014 in one closed loop, running natively inside the customer’s AWS environment.\\n\\n**How does Wallarm find AI services I don’t know about?**\\n\\nInfrastructure Discovery uses cross-account IAM role assumption to scan every registered AWS account across every region. It surfaces new AI services within minutes of deployment, attributed to the engineer who created each one via CloudTrail.\\n\\n**Does AI Hypervisor require application code changes?**\\n\\nNo. AI Hypervisor deploys as a Kubernetes DaemonSet on Amazon EKS via Helm. Label a deployment, and instrumentation begins in 60 seconds. No code changes, no sidecars, no restarts.\\n\\n**How does Wallarm help with EU AI Act compliance?**\\n\\nAI Hypervisor generates compliance evidence continuously: a coverage heatmap, AI inventory, session audit logs, and sensitive data flow records. Audit-ready at any time \u2014 not assembled from spreadsheets the week before the review.\\n\\n**What AI model providers does Wallarm support?**\\n\\nAI Hypervisor covers AWS Bedrock, Anthropic, OpenAI, Azure OpenAI, Google Gemini, Cohere, Mistral, Together, Groq, and Replicate.\\n\\nThe post Introducing the Wallarm AI Control Platform: One closed loop for AI security and API security. appeared first on Wallarm.”,”published”:”2026-06-04T13:30:00″,”modified”:”2026-06-04T13:30:00″,”type”:”wallarmlab”,”title”:”Introducing the Wallarm AI Control Platform: One closed loop for AI security and API security.”,”source”:””,”references”:””,”id”:”WALLARMLAB:B815072D844BCB0971F28C8A71DB0E45″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/lab.wallarm.com\/introducing-the-wallarm-ai-control-platform-one-closed-loop-for-ai-security-and-api-security\/”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-06-04T14:05:08″,”description”:”**TL;DR** \\n – AI deployment has outpaced AI governance. Most enterprises running AI on AWS cannot answer four basic security questions about what’s running, what…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,13,33,7,11,5,105],"class_list":["post-59668","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability","tag-wallarmlab"],"yoast_head":"\n