Continuous Security Posture Intelligence with Generative AI

Case study – Delivering intelligent security with AWS AI

The challenge: scaling security assurance across a complex AWS estate

A large enterprise organisation operating a complex, highly regulated multi-account AWS estate had no scalable way to assess its security posture without significant manual effort. Reviews were point-in-time and script-based, leaving exposures such as misconfigured security groups, public endpoints, and unused infrastructure undetected between checks. This meant the findings could not be turned into consistent, stakeholder-ready reports. As the estate grew, manual assurance could not keep pace, increasing both operational cost and risk.

A scalable, AI-powered platform for continuous cloud security insight

We delivered a production, multi-account generative AI platform with Amazon Bedrock at its core, deployed within the customer’s AWS boundary. Amazon Bedrock Agents orchestrate discovery across the estate through AWS Lambda action groups assuming least-privilege cross-account roles, while Knowledge Bases for Amazon Bedrock ground report generation in the customer’s security standards and AWS best practice using retrieval-augmented generation. Bedrock Guardrails enforce PII masking and output safety on every invocation, AWS Step Functions coordinate estate-wide scans, Amazon S3 with Object Lock stores immutable findings, and Amazon Athena and Amazon QuickSight provide self-service reporting. The result converts raw, distributed infrastructure data into structured findings and clear, human-readable insight.

Reducing risk, cost and response time through continuous security visibility

End-to-end reporting cycle time fell from 2–3 days to under an hour for a full multi-account scan, and time to notify resource owners dropped from around 4 days to under 2 hours, an approximate 88% reduction. The solution delivered over £1,000 per month in confirmed infrastructure cost savings by identifying and removing unused resources, and moved the organisation from periodic, manual reviews to near real-time, continuous security posture visibility across the estate.

Public Sector
Moving Brent Council from stabilisation to optimisation with Oracle SaaS and AI Read more
Recruitment
The Hays zero-disruption playbook: how to deliver a smooth cloud migration Read more
Financial Services
Modernizing Celink’s Reverse Mortgage Platform with Next Gen Development Read more