Bedrock Data Adds AI Governance and Natural-Language Policy Tools
▼ Summary
– Bedrock Data launched ArgusAI to provide AI governance by tracking data usage in AI models and evaluating guardrail effectiveness against sensitive data leakage.
– Natural Language Policy enables data control implementation across systems using plain English, which works with ArgusAI to govern AI systems naturally.
– ArgusAI addresses enterprise-scale governance gaps by leveraging a petabyte-scale Metadata Lake for precise, automated AI governance across diverse data environments.
– ArgusAI includes AI Data Bill of Materials to link AI components to datasets and performs guardrail gap analysis to identify and remediate insufficient data controls.
– Natural Language Policy and Investigation allows teams to define policies and query AI systems in plain English, unifying data, identity, and AI governance with explainable answers.
Businesses racing to adopt artificial intelligence now have a powerful new ally for managing risk and compliance. Bedrock Data has launched two innovative solutions: ArgusAI for AI governance and Natural Language Policy for simplified control management. These tools directly tackle the urgent challenge of securing sensitive information as companies integrate AI into their core operations.
ArgusAI represents a significant expansion of the company’s data security platform into the AI governance space. It provides enterprises with deep visibility into the data their AI models and agents interact with, both during training and when generating responses. Crucially, it evaluates whether existing technical safeguards are effectively preventing the leakage of confidential information.
The companion product, Natural Language Policy, empowers teams to implement complex data controls across all their systems using simple, plain English commands. When used in tandem with ArgusAI, this natural language capability extends to governing AI systems, allowing for policy creation and enforcement without requiring deep technical expertise.
Current data security tools often fall short when applied to AI. They can discover where data resides but fail to clarify what specific information was used to train a model, what data an AI can access in real-time, or if protective measures are genuinely working. ArgusAI bridges this gap by harnessing the power of Bedrock’s petabyte-scale Metadata Lake. This allows organizations to govern their AI initiatives with the same level of context, precision, and automation they already apply to their structured, unstructured, and cloud-based data.
The platform’s strength lies in two core functions. The first is the AI Data Bill of Materials (DBOM), which automatically creates a detailed inventory linking Amazon Bedrock Custom Models, Knowledge Bases for RAG, and Agents directly to the specific datasets they use. The second is Guardrail Gap Analysis and Remediation. This function assesses whether current technical guardrails are strong enough to block sensitive data exposure based on the DBOM. When weaknesses are identified, ArgusAI generates specific, actionable steps for security and engineering teams to implement.
This gap analysis is powered by Bedrock Data’s Metadata Lake, a unified knowledge base that maps the complete context of enterprise data, including its sensitivity, lineage, and access permissions. Because this system scales to handle petabytes of information, the resulting DBOM offers an unparalleled record of the relationships between AI models and data.
For example, if a company policy states that AI agents must never process credit card numbers, the platform can detect if such data appears in a model’s training path. It would then determine that existing controls are inadequate and produce a concrete plan to mask or suppress that data at its source or during the agent’s operation.
The Natural Language Policy feature creates a unified governance layer that spans data, identity, and now AI systems. Legal, compliance, and security teams can articulate rules in plain English, such as “Only HR members may view employment data” or “EU personal data must not leave EU regions.” Bedrock Data’s platform then translates these directives into enforceable controls across all connected systems.
This capability integrates seamlessly with the AI governance context. Investigators can ask direct questions like, “Which models have access to protected health information?” or “Which user identities interacted with customer PII through an agent?” The system provides precise, evidence-backed answers drawn from the Metadata Lake, complete with data lineage and access history. This unifies data, identity, and AI governance under a single, operational language.
“Companies are caught between the need to move fast with AI and the absolute requirement to govern it effectively,” said Pranava Adduri, CTO of Bedrock Data. “The core issue is that policies often can’t be enforced across a patchwork of systems that all use different control languages. When development teams deploy AI rapidly, but governance lags due to complexity, the gap between policy and practice becomes a major liability. By linking every model to its data origins, identifying guardrail weaknesses, and turning natural language into action, ArgusAI makes responsible AI a practical reality at scale.”
(Source: HelpNet Security)