
Summary
This anomaly rule detects identities invoking high-risk filesystem and execution tools via AWS Bedrock Claude. It analyzes Bedrock Claude invocation payloads to identify potentially dangerous commands (for example: bash, curl, edit, write, webfetch, grep, read, read_file) used by each identity and compares current activity against historical baselines. The rule aggregates events by modelId and region, capturing per-identity metrics such as the number of invocations, unique tools used, total input/output tokens, and first/last seen times, along with identities involved (including automated sessions, assumed roles, and IAM users). Risk scoring is driven by combinations of tools and identity type: CRITICAL if multiple high-risk tools are used together (e.g., bash with curl, bash with write, curl with edit), or when an identity type indicates an elevated privilege path (assumed_role); HIGH for single high-risk tool usage (bash, curl, edit, write, webfetch) or when three or more tools are invoked; MEDIUM otherwise. Each finding includes a risk_reason string describing the contributing pattern (e.g., specific tool pairs, broad tool usage, or an assumed_role shell use). The output surfaces: risk_score, risk_reason, modelId, region, unique_callers, unique_tools_used, user and caller details, identity_types, invocation counts, tool lists, token totals, and time ranges. The rule is intended to flag suspicious escalation, exfiltration, or unauthorized command execution that may indicate adversarial activity or misused AI-assisted tooling. It relies on ingesting Bedrock Claude logs (payloads) into Splunk via the AWS Bedrock integration, enabling per-identity anomaly detection and drill-down investigations. Known false positives include legitimate development, automation, or infrastructure-management activities where shell or file/network tools are legitimately invoked through Claude as part of approved workflows.
Categories
- Endpoint
- Cloud
Data Sources
- Application Log
- Cloud Service
- Cloud Storage
- Process
- Web Credential
ATT&CK Techniques
- T1055
Created: 2026-07-07