The News: At re:Invent, Amazon Web Services (AWS) launched Guardrails for Amazon Bedrock into preview. With the new tool, Amazon Bedrock users can define denied topics and content filters to remove undesirable and harmful content from interactions between their applications and users. Here are the key details:

• Additional layer of protection. Guardrails for Amazon Bedrock controls are an additional layer of protection to any protections built into foundation models.
• Apply to all LLMs in Amazon Bedrock. This feature includes fine-tuned models and Agent for Amazon Bedrock (see Next-Generation Compute: Agents for Amazon Bedrock Complete Tasks for more information).
• Control: Denied topics and configure with natural language commands. Users can use a short natural language description to define a set of topics that are undesirable in the context of their application.
• Control: Content filters. Users can configure thresholds to filter harmful content across hate, insults, sexual, and violence categories. While many FMs already provide built-in protections to prevent the generation of undesirable and harmful responses, Guardrails gives users additional controls to filter such interactions to desired degrees based on the users company’s use cases and responsible AI policies.
• Control: PII redaction. Coming soon, users will be able to select a set of personally identifiable information (PII) such as name, email address, and phone number, that can be redacted in FM-generated responses, or they can block user input if it contains PII.

Read the AWS new blog post on the launch of Guardrails for Amazon Bedrock here.

Guardrails for Amazon Bedrock Show AWS Gets Gen AI

Analyst Take: Microsoft and Google offer some forms of responsibly controlling AI model outputs, but Guardrails for Amazon Bedrock is the most advanced. Here are some thoughts on the potential impact of Guardrails for Amazon Bedrock.

Competitor Offering: Microsoft

Microsoft offers Azure AI Content Safety, launched October 17. The tool is a new service designed to help users “detect and filter harmful user-generated and AI-generated content in their applications and services.” It includes text and image detection filtering content that is offensive, risky, or undesirable, such as profanity, adult content, gore, violence, hate speech, and more. It is a very comprehensive content filtering tool, designed as a safety check. Users send their content for analysis and receive a response indicating the severity level. Through the Azure AI Content Safety Studio, users get a monitoring dashboard to track and manage content safety standards.

Competitor Offering: Google Cloud

In its Vertex AI suite, Google Cloud features built-in content filtering in the Generative AI Studio and the PaLM API has safety attribute scoring “to help customers test Google’s safety filters and define confidence thresholds that are right for their use case and business.” You can read a full description of these features on the Google website. With the adjustable safety filter threshold, “users can adjust how likely they are to see responses that could be harmful. Model responses are blocked based on the probability that it contains harassment, hate speech, dangerous content, or sexually explicit content.” For the PaLM API, “Content processed through the Vertex AI PaLM API is assessed against a list of safety attributes, which include ‘harmful categories’ and topics that can be considered sensitive.

Each safety attribute has an associated confidence score between 0.0 and 1.0, rounded to one decimal place, reflecting the likelihood of the input or response belonging to a given category.

Four of these safety attributes (harassment, hate speech, dangerous content, and sexually explicit), are assigned a safety rating (severity level) and a severity score ranging from 0.0 to 1.0, rounded to one decimal place. These ratings and scores reflect the predicted severity of the content belonging to a given category. Categories with a score that rounds to 0.0 are omitted in the response.”

In both the Generative AI Studio and the PaLM API, the intent is content filtering monitoring. The PaLM API requires further management by developers once codes are detected.

Guardrails for Amazon Bedrock Differentiators

The advantages for Guardrails for Amazon Bedrock over the offerings from Microsoft and Google are:

• Prevention, not detection. Guardrails is a tool to configure large language models (LLMs) before outputs. The Microsoft and Google offerings are more detection tools designed for monitoring and testing once LLM outputs have been produced.
• Universal. Guardrails can be applied to all LLMs in Amazon Bedrock. Microsoft’s offering is not specific to LLMs but rather Azure-produced content in general. Google Cloud did not specify whether the control worked across LLMs in the Generative AI Studio. The PaLM API is specific to the PaLM LLM.
• Automation. Both the Microsoft and Google Cloud offerings are filters that find content. Once the content is identified, developers have to take additional action to remedy. Guardrails for Amazon Bedrock is not a content filter detector, it is a prevention tool. No extra steps required.
• Sophisticated UI. Guardrails for Amazon Bedrock leverages a conversational AI interface for the denied topics control. The other offerings are standard toggles and drop-down controls.
• PII. Filtering PII is a key challenge to effectively leveraging foundation models because it is difficult work to filter it out. Although the PII capability is yet to come for Guardrails for Amazon Bedrock, the competitors have nothing like it.

Conclusions

Guardrails for Amazon Bedrock is a reflection of careful thinking by AWS about the responsible use of AI. The prevention/proactive approach is unique at this point, though it is likely that both Microsoft and Google will soon add similar features to their AI development platforms. Regardless, the initiative is the mark of AI leadership and another signal that AWS understands generative AI and is fully engaged in enabling enterprises to leverage generative AI.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

Next-Generation Compute: Agents for Amazon Bedrock Complete Tasks

Amazon CodeWhisperer and MongoDB Collaborate

AWS, Microsoft, and Google Cloud: Tying Up LLMs

Author Information

Mark Beccue

Mark comes to The Futurum Group from Omdia’s Artificial Intelligence practice, where his focus was on natural language and AI use cases.

Previously, Mark worked as a consultant and analyst providing custom and syndicated qualitative market analysis with an emphasis on mobile technology and identifying trends and opportunities for companies like Syniverse and ABI Research. He has been cited by international media outlets including CNBC, The Wall Street Journal, Bloomberg Businessweek, and CNET. Based in Tampa, Florida, Mark is a veteran market research analyst with 25 years of experience interpreting technology business and holds a Bachelor of Science from the University of Florida.