In a July 14 Security Blog post, AWS said it has expanded Security Hub to add purpose-built protection for AI workloads and security monitoring for Microsoft Azure. The Azure expansion allows Security Hub to discover Azure virtual machines, container images, Function Apps, and identities, then evaluate them for misconfigurations, internet exposure, software vulnerabilities, and posture against the CIS Microsoft Azure Foundations Benchmark.
AWS said Azure findings are prioritized alongside AWS findings using the same finding format, automation, and response workflows. A July 7 AWS “What’s New” post also said the update extends risk analytics, cloud security posture management, vulnerability management, and security response management across AWS and Azure.
That is the ERP relevance. Many enterprise application estates are no longer tied to one cloud. SAP, Oracle, Microsoft, analytics, integration, identity, and AI workloads can sit across AWS, Azure, SaaS platforms, and external model endpoints, while business processes still depend on all of them working securely together.
AI Workloads Get Own Security Inventory
AWS is also expanding Security Hub around AI workload visibility. The company introduced GuardDuty AI Protectionf, now generally available, for Amazon Bedrock and Amazon SageMaker. The service is designed to detect anomalous model invocations, cost-harvesting attacks, and prompt-injection attempts through integration with Amazon Bedrock Guardrails.
AWS described cost harvesting as a growing risk in which attackers use compromised credentials to invoke foundation models at a victim’s expense. GuardDuty AI Protection analyzes CloudTrail management and data events from AWS AI services to identify unusual invocation patterns and suspicious activity.
The company also introduced Security Hub AI inventory, which provides an organization-wide view of AI assets and their security posture. For managed AWS services, the inventory uses AWS Config resources across Bedrock, SageMaker, and AgentCore. For self-hosted and external workloads, it identifies models running on EC2, ECS, and EKS through runtime analysis and detects external model endpoints called by workloads.
AWS said the AI inventory maps each asset to underlying infrastructure, including compute, networking, IAM roles, and data stores, then correlates those assets with security signals such as GuardDuty findings.
Why ERP Leaders Should Pay Attention
The update shows how AI and multicloud risk are converging around enterprise applications. ERP modernization increasingly creates hybrid landscapes where core systems, integration layers, analytics environments, AI services, and identity controls sit across multiple platforms.
For ERP teams, the question is not only whether a cloud resource is misconfigured. It is whether an AI workload can touch ERP data, which identity can invoke a model, whether a compromised credential can trigger expensive inference, and how AI findings connect to broader cloud, identity, and data exposure.
Help Net Security described the update as AWS retooling Security Hub for AI and multicloud threats, noting that the platform can now help security teams improve visibility across AI workloads while monitoring Azure resources alongside AWS findings. SiliconANGLE similarly framed the move as AWS expanding Security Hub into a broader full-stack control plane for fragmented cloud infrastructure.
Get Our Free Weekly Newsletter
What This Means for ERP Insiders
ERP security now lives across clouds, models, and identities. Core application risk increasingly depends on the infrastructure, credentials, integrations, AI services, and external endpoints surrounding the ERP estate. For CIOs, CISOs, and enterprise architects, the next security baseline is unified visibility across the full environment that supports business processes.
AI inventory is part of application governance. Organizations need to know which models, agents, endpoints, and workloads can access enterprise data before they can govern usage, cost, and exposure. For ERP and security teams, AI governance should start with asset discovery, identity mapping, and risk correlation rather than policy documents alone.
Multi-cloud security will shape ERP modernization strategy. As ERP landscapes spread across AWS, Azure, SaaS, and AI platforms, teams need consistent posture checks, vulnerability management, response workflows, and audit evidence. For application owners and implementation partners, cloud architecture decisions should now include how risks will be detected, prioritized, and remediated across the full stack.



