IOC Radar
TLP:WHITE1 IOC

Secure multi-tenant AI agents with Amazon Bedrock AgentCore resource-based policies

AS
AWS Security
Published June 2, 2026Original Report

Diamond Model

Attack Flow6 steps · MITRE ATT&CK mapped

Initial AccessTA0001·T1078
1/6
Valid Accounts
ActionUse valid AWS credentials
Tenant A's developer and admin roles use valid AWS credentials to access the AI agent.

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise1

TypeIndicatorConfidenceScoreFirst Seen
SHA122d200f8670dbdb3e253a90eee5098477c95c23d
aptespionagefile-hash
High
85
Jun 2, 26

IOC Relationship Graph

IOC Relationship Graph1 total IOCs
SHA1
SHA11REPORTSecure multi-tenant AI age
scroll to zoom · drag to pan · click IOC to open