Securing AI Agent Behavior with Amazon Bedrock AgentCore and Check Point AI Security
AI agents are rapidly becoming a new operational layer inside the enterprise.
Unlike traditional chatbots, modern agents do not simply generate responses. They retrieve information, invoke tools, access enterprise systems, make decisions, and take actions on behalf of users.
As organizations move from experimentation to production deployments, they are increasingly looking for ways to connect agents to business applications, data sources, models, and services while maintaining visibility and control over how those agents behave.
Today, we’re excited to share our upcoming integration with Amazon Bedrock AgentCore and our vision for helping organizations deploy trusted AI agents at enterprise scale.
AgentCore Is Expanding the Enterprise Agent Foundation
AgentCore is the platform organizations use to build, connect, and optimize AI agents at scale.
AgentCore brings together capabilities across the agent lifecycle, including AgentCore Gateway, AgentCore Registry, AgentCore Identity, and AgentCore Policies. These capabilities help organizations connect agents to tools, interact with models, authenticate identities, apply organizational policies, and operate across complex workflows.
We are especially excited about AWS’s work to expand AgentCore gateway to support LLM interactions, not just tool and MCP connectivity. This reflects where enterprise AI is headed: agents are operating across models, tools, data, and applications, and security needs to operate across that full interaction path.
AgentCore Policies are also an important part of this model. Today, AgentCore Policies can act on signals from Amazon Bedrock Guardrails to help identify risks such as prompt injection attempts, harmful content, and sensitive data exposure. These checks operate at the gateway layer, outside the agent’s code and context.
Looking ahead, organizations will also be able to incorporate runtime security signals from Check Point AI Agent Security into those same policy decisions.
Together, AgentCore Policies and Check Point AI Agent Security help organizations move toward a more complete approach to governing agent behavior and outcomes.
From Agent Permissions to Agent Outcomes
As agents take on more complex workflows, enterprise security teams need to extend familiar principles like least privilege and separation of duties to how agents access systems, use tools, and take action.
Organizations need to know:
- Which systems an agent can interact with
- Which tools an agent can invoke
- Which data an agent can retrieve
- Which actions an agent can take on behalf of a user
- Which policies apply across the agent workflow
These controls are foundational. They help reduce risk by limiting what agents can reach and what they are permitted to do.
But even well-scoped permissions do not eliminate risk.
Once an agent can reason, invoke tools, retrieve data, and take action, organizations also need to evaluate whether the agent is using those permissions appropriately.
A typical agent may be permitted to access a CRM platform, retrieve customer information, generate reports, and send emails. Yet that same agent could still be manipulated into retrieving unrelated sensitive data, invoking unnecessary tools, or distributing information beyond its intended audience.
In agentic systems, permissions can be valid while the action is still wrong.
This is why organizations increasingly need security that evaluates not only what an agent is permitted to do, but also whether the agent’s behavior remains aligned with user intent, application purpose, and organizational policy.
AgentCore Policies + Check Point AI Agent Security
The upcoming integration is built around a simple idea:
AgentCore Policies provide a framework for applying governance and security controls across agent workflows.
Check Point AI Agent Security contributes runtime intelligence that helps organizations evaluate agent behavior, interactions, and outcomes as those workflows unfold.
For example, a policy may define that an agent can interact with a particular enterprise system or invoke a specific class of tools. Check Point AI Agent Security can help evaluate the posture of the agent and the surrounding context of that interaction, including whether the agent is being manipulated, accessing unrelated sensitive information, invoking unnecessary tools, or pursuing an objective outside the intended workflow.
This helps organizations extend agent governance beyond permissions alone and toward runtime protection for agent behavior and actions.
The result is a more complete security model for enterprise agents:
- Visibility into agent deployments and configurations
- Policy-driven governance for how agents operate
- Runtime protection that evaluates agent behavior and actions
Securing the Full Agent Interaction Path
Modern agent interactions are not single-step exchanges.
A single user request may involve:
- User messages
- Conversation history
- System instructions
- Model inference
- Tool selection
- Tool descriptions
- Tool calls
- Tool responses
- Multi-step workflows
- Actions executed across enterprise systems
Security controls that only evaluate prompts or outputs cannot fully understand the risk of these interactions.
The more important question is increasingly:
Is this agent behaving as it should?
Check Point AI Security evaluates agent interactions across the full lifecycle of an agent workflow, including user interactions, system instructions, tool usage, tool responses, and agent actions.
This allows organizations to identify and prevent risks before actions are executed.
Many familiar AI security challenges ultimately manifest as agent behavior problems.
Prompt injection attacks attempt to manipulate how agents reason and act.
Sensitive data exposure occurs when agents retrieve or distribute information in ways that were never intended.
Unsafe workflows emerge when agents chain together legitimate actions that collectively create risk.
In each case, the underlying challenge is the same:
Ensuring agent behavior remains aligned with intent.
Why This Matters for Enterprise AI
Enterprise AI is moving from assistants that answer questions to agents that perform work.
That shift changes the security model.
When agents can authenticate, interact with models, invoke tools, retrieve sensitive information, and take actions, organizations need controls that understand more than permissions. They need controls that understand context, behavior, and outcomes.
AgentCore is expanding the foundation for how enterprises build and operate agents across models, tools, identities, registries, gateways, and policies.
Check Point AI Security brings behavioral security into that agent lifecycle, helping organizations protect agents as they reason, interact, and act across enterprise environments.
Building Trusted AI Agents
The next generation of AI security is not only about controlling permissions across systems.
It is about ensuring that agents use those permissions appropriately.
Together, Amazon Bedrock AgentCore and Check Point AI Security are helping organizations build trusted AI agents that can operate safely and confidently at enterprise scale.
We look forward to sharing additional details about our collaboration as AgentCore capabilities and integration availability continue to expand.
To learn more about our approach to securing AI agents, applications, and enterprise AI systems, explore our AI Governance Framework.



