Securing AI agents: Why guardrail placement is a key design decision

Yuki Matsuzaki discusses the importance of guardrail placement in AI agents, particularly in managed systems like Amazon Bedrock and self-orchestrated setups with Datadog AI Guard. The article explores a demo scenario involving an indirect prompt injection attack to highlight how the placement of guardrails impacts security. In managed environments like Amazon Bedrock, guardrails are limited to the edges of the orchestration loop, offering convenience but less control. In contrast, self-orchestrated agents with Datadog AI Guard allow for more granular guardrail placement throughout the orchestration loop, providing enhanced security by evaluating prompts, tool calls, and outputs at multiple points. The trade-offs between managed convenience and in-depth governance are examined, offering insights into choosing the right guardrail strategy based on threat models, compliance requirements, and the sophistication of potential attacks.