Are your Commercial AI Agents accessing websites they shouldn't?

You might be tempted to slap a chatbot on your website.

Then, to further its capabilities, you give it access to AgentCore Browser Tools.

I’m not sure I would recommend that for a public-facing tool that does NOT require authentication, but I am not here to judge.

How do you ensure that Agent doesn’t go rogue and DDoS some random site or worse, drop user-specific information on some malicious site?

Even AI Agents can fall victim to Phishing attacks.

If you do give an agent access to Browser Tools, you should 100% lock it down with AWS Network Firewall.

Luckily, Agent Core accesses your VPC just like any other AWS service, so it's easy to lock down.

If you need help locking it down, feel free to reach out to me, and let’s set up a time to chat.

For more information on AWS security checkout my On-Demand Video Course on O'Reilly Zero to Hero on AWS Security: An Animated Guide to Security in the Cloud