Challenges around AI-as-a-Service logging
Jeremy Snyder
fwd:cloudsec North America 2025 · Day 2 · Track 2 - Crestone
Jeremy Snyder presented a detailed examination of the current state of logging for AI-as-a-Service offerings, focusing primarily on **Amazon Bedrock** but touching on broader challenges across cloud providers. As the founder of a company that began life as an API security firm, Snyder brings a practical lens to the problem: organizations are rapidly adopting AI services but have almost no unified visibility into what those services are doing, what data they are processing, or how to detect misuse. The talk catalogues the specific, often maddening inconsistencies in log formats, metadata, and documentation that make building a coherent AI security monitoring capability an exercise in frustration.
AI review
A thorough cataloguing of AI logging inconsistencies and gaps, but ultimately this is an infrastructure and observability talk, not a security research talk. No exploits, no novel attack techniques, no vulnerability findings. Useful for blue teams building AI monitoring stacks, but there's nothing here that makes an offensive researcher's pulse quicken.