A cost-effective, serverless autonomous threat containment system built on AWS. This POC demonstrates how to automatically detect, analyze, and respond to security threats using native AWS servicesβinspired by the agentic AI patterns announced at AWS re:Invent 2025.
This project implements an autonomous security response pipeline that:
- Detects threats via Amazon GuardDuty
- Enriches findings with correlated signals from Security Hub
- Evaluates containment policies (Cedar-inspired rules)
- Checks incident memory for similar past events
- Executes containment actions (isolation, forensic snapshots)
- Notifies the security team via SNS
- Records episodes for future learning
After attending AWS re:Invent 2025 and seeing the Amazon Bedrock AgentCore announcements, I wanted to validate the agentic security patterns without committing to expensive managed services upfront. This POC cost approximately $0.15 to build and test.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β GuardDuty (Sample Findings for Testing) β
ββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β EventBridge Rule (severity >= 4 filter) β
ββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Step Functions State Machine β
β β
β βββββββββββ βββββββββββ βββββββββββ βββββββββββββββββββββββ β
β β Enrich ββββΆβ Check ββββΆβEvaluate ββββΆβ Execute Containment β β
β β Finding β β Memory β β Policy β β (Parallel Actions) β β
β βββββββββββ βββββββββββ βββββββββββ βββββββββββββββββββββββ β
β β β
β ββββββββββββββββββββββββββββββββββ β
β βΌ β
β ββββββββββββββββ ββββββββββββββββ β
β β Notify SOC ββββΆβRecord Episodeβ β
β β (SNS) β β (DynamoDB) β β
β ββββββββββββββββ ββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- AWS Account with Administrator access
- AWS CLI v2 configured (
aws configure) - Bash shell (Linux/macOS/WSL)
- Python 3.9+ (for test scripts)
# Clone the repository
git clone https://github.com/lshw54/aws-threat-containment-agent-demo.git
cd aws-threat-containment-agent-demo
# Deploy all resources
chmod +x deploy.sh
./deploy.shThe deployment script will create:
- 1 DynamoDB table (incident memory)
- 1 SNS topic (SOC notifications)
- 7 Lambda functions (containment logic)
- 1 Step Functions state machine (orchestration)
- 1 EventBridge rule (GuardDuty trigger)
- Required IAM roles and policies
# Generate sample findings and verify execution
./scripts/test.shExpected output:
π§ͺ Testing Pipeline...
1οΈβ£ Generating sample findings...
β Sample findings generated
2οΈβ£ Waiting 60 seconds for pipeline execution...
3οΈβ£ Checking executions...
+------------------------------------------+-----------+
| Name | Status |
+------------------------------------------+-----------+
| abc123-def456-... | SUCCEEDED |
+------------------------------------------+-----------+
4οΈβ£ Checking DynamoDB...
Count: 1
β
Test complete! Check your email for SNS notifications.
aws-threat-containment-agent/
βββ lambda/
β βββ enrich_finding.py # Enrich GuardDuty findings
β βββ check_incident_memory.py # Query similar past incidents
β βββ evaluate_containment_policy.py # Cedar-inspired policy engine
β βββ snapshot_for_forensics.py # Create EBS snapshots
β βββ isolate_instance.py # Apply isolation security group
β βββ notify_soc.py # Send SNS notifications
β βββ record_episode.py # Store incident in DynamoDB
βββ infrastructure/
β βββ state_machine.json # Step Functions definition
βββ scripts/
β βββ generate_sample_findings.py # Generate test findings
β βββ test.sh # End-to-end test script
β βββ verify_pipeline.py # Verification utility
βββ docs/
β βββ architecture.png # Architecture diagram
βββ deploy.sh # One-click deployment
βββ cleanup.sh # Resource cleanup
βββ diagnose.sh # Troubleshooting utility
βββ README.md
The default rule triggers on GuardDuty findings with severity >= 4 (Medium and above):
{
"source": ["aws.guardduty"],
"detail-type": ["GuardDuty Finding"],
"detail": {
"severity": [{"numeric": [">=", 4]}]
}
}| Finding Type | Severity | Triggers Pipeline? |
|---|---|---|
UnauthorizedAccess:EC2/SSHBruteForce |
2.0 | β No |
Recon:EC2/PortProbeUnprotectedPort |
5.0 | β Yes |
Backdoor:EC2/C&CActivity.B |
8.0 | β Yes |
CryptoCurrency:EC2/BitcoinTool.B |
8.0 | β Yes |
The policy engine (evaluate_containment_policy.py) implements these rules:
| Policy | Condition | Action |
|---|---|---|
| Sample Finding Safe Mode | isSampleFinding == true |
Forensics only, no isolation |
| High False Positive | falsePositiveRate > 30% |
Require human approval |
| Uncorrelated High Severity | severity >= 7 AND correlationScore < 1 |
Require human approval |
| Default | All checks pass | Permit all actions |
| Component | Monthly Cost (Low Volume) |
|---|---|
| GuardDuty (sample findings) | $0 |
| EventBridge | ~$0 (free tier) |
| Step Functions | ~$0.025 per 1K transitions |
| Lambda | ~$0 (free tier) |
| DynamoDB (on-demand) | ~$1.25 per 1M writes |
| SNS | ~$0 (free tier) |
| Total for POC testing | ~$0.15 |
Run the diagnostic script to identify issues:
./diagnose.shEventBridge not triggering Step Functions:
# Check if rule exists and is enabled
aws events describe-rule --name ThreatContainmentTrigger
# Check IAM role permissions
aws iam get-role-policy \
--role-name ThreatContainmentEventBridgeRole \
--policy-name InvokeStepFunctionsNo sample findings generated:
# Verify GuardDuty is enabled
aws guardduty list-detectors
# Generate high-severity findings
aws guardduty create-sample-findings \
--detector-id YOUR_DETECTOR_ID \
--finding-types "Backdoor:EC2/C&CActivity.B"This POC validates patterns that map directly to Amazon Bedrock AgentCore (announced at re:Invent 2025):
| Current Implementation | AgentCore Upgrade |
|---|---|
| Lambda policy engine | AgentCore Policy (Cedar + natural language) |
| DynamoDB queries | AgentCore Memory (semantic search) |
| Direct Lambda invocation | AgentCore Gateway (MCP tool discovery) |
| No quality monitoring | AgentCore Evaluations (continuous assessment) |
Remove all created resources:
chmod +x cleanup.sh
./cleanup.shNote: GuardDuty is NOT disabled by the cleanup script. To disable:
aws guardduty delete-detector --detector-id YOUR_DETECTOR_ID- AWS re:Invent 2025: AgentCore Announcements
- Amazon Bedrock AgentCore Documentation
- GuardDuty Finding Types
- Cedar Policy Language
- Step Functions Best Practices
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.