splApache-2.0from splunk/security_content
AWS Bedrock Claude Unusually Large Prompts
This detection identifies unusually large prompts sent to AWS Bedrock Claude models by calculating the statistical baseline of input token counts and flagging requests that exceed 15 standard deviations above the mean. Abnormally large prompts may indicate prompt injection attacks, data exfiltration attempts, or abuse of the AI service.
Quality
67
FP risk
—
Forks
0
Views
0
Rule source🔒 locked
🔒
Sign in to view the rule source
Free accounts can view the source for the top-ranked rules. Create one in seconds — no credit card required.
Sign in →