https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266301#M32 <P>Trustworthy AI at Enterprise Scale: Securing Retrieval Augmented Generation&nbsp;Applications in AWS and the Hybrid Cloud</P> <P>Authors: Micki Boland Technologist, and contributor Paul Ardoin Manager AWS Partner Cloud Security</P> <P>Use Case Focus: Generative AI Retrieval Augmented Generation for In-House Cybersecurity&nbsp;Programs</P> <P>Executive Summary<BR />Generative AI is rapidly reshaping enterprise cybersecurity operations, enabling organizations to extract&nbsp;intelligence, not just signals, from vast volumes of security telemetry, threat intelligence, identity data, and&nbsp;operational documentation. Among the most impactful architectural patterns enabling this shift is Retrieval&nbsp;Augmented Generation (RAG), which combines large language models (LLMs) with proprietary&nbsp;knowledge sources to deliver context-aware, explainable, and actionable insights at machine speed.<BR />Yet as enterprises deploy GenAI LLM RAG applications across hybrid cloud environments, blending on-premises data lakes with services such as Amazon Bedrock, Amazon SageMaker, and OpenSearch, they&nbsp;also introduce new and asymmetric risk. Prompt injection, data poisoning, model inversion, and agentic&nbsp;exploitation now target not just applications, but the intelligence layer itself. Authoritative frameworks such&nbsp;as NIST AI RMF, MITRE ATLAS, and the OWASP Top 10 for LLM Applications (2025) confirm that AI workloads demand security architectures beyond traditional DevSecOps.</P> <P>This paper presents a practical, enterprise-grade path to securing GenAI LLM RAG applications,&nbsp;anchored in defense-in-depth, zero trust, and continuous observability. Using Check Point CloudGuard&nbsp;Network Security, CloudGuard WAF, and AI-native telemetry integrations (including Lakera Guard),&nbsp;organizations can protect hybrid RAG pipelines while enabling innovation at scale. The goal is not merely&nbsp;compliance or prevention, but operational resilience, trusted AI systems that elevate cybersecurity teams&nbsp;from alert triage to strategic risk leadership.</P> <P>To read the full paper, please download here.&nbsp;</P> Wed, 31 Dec 2025 17:06:09 GMT Michele_Boland 2025-12-31T17:06:09Z https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266301#M32 <P>Trustworthy AI at Enterprise Scale: Securing Retrieval Augmented Generation&nbsp;Applications in AWS and the Hybrid Cloud</P> <P>Authors: Micki Boland Technologist, and contributor Paul Ardoin Manager AWS Partner Cloud Security</P> <P>Use Case Focus: Generative AI Retrieval Augmented Generation for In-House Cybersecurity&nbsp;Programs</P> <P>Executive Summary<BR />Generative AI is rapidly reshaping enterprise cybersecurity operations, enabling organizations to extract&nbsp;intelligence, not just signals, from vast volumes of security telemetry, threat intelligence, identity data, and&nbsp;operational documentation. Among the most impactful architectural patterns enabling this shift is Retrieval&nbsp;Augmented Generation (RAG), which combines large language models (LLMs) with proprietary&nbsp;knowledge sources to deliver context-aware, explainable, and actionable insights at machine speed.<BR />Yet as enterprises deploy GenAI LLM RAG applications across hybrid cloud environments, blending on-premises data lakes with services such as Amazon Bedrock, Amazon SageMaker, and OpenSearch, they&nbsp;also introduce new and asymmetric risk. Prompt injection, data poisoning, model inversion, and agentic&nbsp;exploitation now target not just applications, but the intelligence layer itself. Authoritative frameworks such&nbsp;as NIST AI RMF, MITRE ATLAS, and the OWASP Top 10 for LLM Applications (2025) confirm that AI workloads demand security architectures beyond traditional DevSecOps.</P> <P>This paper presents a practical, enterprise-grade path to securing GenAI LLM RAG applications,&nbsp;anchored in defense-in-depth, zero trust, and continuous observability. Using Check Point CloudGuard&nbsp;Network Security, CloudGuard WAF, and AI-native telemetry integrations (including Lakera Guard),&nbsp;organizations can protect hybrid RAG pipelines while enabling innovation at scale. The goal is not merely&nbsp;compliance or prevention, but operational resilience, trusted AI systems that elevate cybersecurity teams&nbsp;from alert triage to strategic risk leadership.</P> <P>To read the full paper, please download here.&nbsp;</P> Wed, 31 Dec 2025 17:06:09 GMT https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266301#M32 Michele_Boland 2025-12-31T17:06:09Z https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266303#M33 <P>Great article! Thanks for sharing.</P> <P>Happy new year.</P> Wed, 31 Dec 2025 17:41:10 GMT https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266303#M33 the_rock 2025-12-31T17:41:10Z https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266304#M34 <P>Thanks the_rock!</P> Wed, 31 Dec 2025 18:04:36 GMT https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266304#M34 Michele_Boland 2025-12-31T18:04:36Z https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266305#M35 <P>Thank you&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/1658">@Michele_Boland</a>&nbsp;. I can tell you that lots of customers recently discussed AI threats with me and they are super impressed with the fact CP has been very active as far as protecting against it, specially with Lakera acquisition, it shows the great initiative.</P> <P>Again, all the best in new year and looking forward to even better results!</P> Thu, 01 Jan 2026 03:39:57 GMT https://community.checkpoint.com/t5/Workforce-AI-Security/Trustworthy-AI-at-Enterprise-Scale/m-p/266305#M35 the_rock 2026-01-01T03:39:57Z