Enterprises are under pressure to adopt AI and move fast. The businesses that learn to deploy AI and agents effectively will have a meaningful advantage over those that don’t. But for most large organizations, adoption is only half the challenge. The other half is doing it in a way that meets the security, compliance, and governance requirements their business actually operates under. That’s the problem Noma was built to solve, and it’s why our partnership with AWS matters. Today we were named the AI Security partner for AWS Security Hub Extended, and along with the traction we’re seeing from enterprise customers, and the recognition from industry analysts, we see it as further validation that purpose-built AI security has become a core requirement for enterprises running AI at scale.
The problem we set out to solve
AI adoption is accelerating across every part of the organization. Development teams are shipping AI and agentic applications. Business units are deploying SaaS AI agent platforms. Developers are using coding assistants and MCPs to build faster. This is where it gets hard for security teams. Agents don’t just respond to prompts. They make decisions, call tools, access data, and interact with external systems in ways that traditional security programs were never designed to track or control.
We believe agentic AI is the future. The organizations that learn to deploy agents effectively will move faster and build better products. Noma gives enterprises the visibility, governance, and protection they need to adopt AI and agents confidently, without stalling the business.
Why we were selected for AWS Security Hub Extended
AWS Security Hub Extended is a curated ecosystem where AWS selects a best-of-breed solution for each critical security category. We were selected for AI Security based on the depth of our platform and our track record with Fortune 500 enterprises. Every capability we’ve built has been focused on one thing: securing AI and agents for the enterprise, and enable fast and safe adoption
AWS didn’t add an AI security feature to an existing tool. They created a dedicated category because the need is clear, and partnered with the leading vendor
Our platform covers the full enterprise AI environment across three distinct spaces.
Homegrown AI: Models and agents built on services like Amazon Bedrock, Bedrock AgentCore, and SageMaker.
SaaS agent platforms: SaaS agents such as Microsoft Copilot Studio and Salesforce Agentforce.
Local agents: Developer tools like Cursor and GitHub Copilot running directly in development environments, as well as MCP control. Wherever AI and agents live in the enterprise, including every MCP, tools or datasets connected to them, Noma covers it.
What AWS customers get with Noma
AI Security Posture Management gives security teams control across three layers. First, discovery: Noma automatically maps every model, agent, MCP server, and AI integration in the environment, including shadow deployments the security team didn’t know about. Second, supply chain: Noma scans for risks introduced through the AI stack itself, such as poisoned models or unsafe MCP servers. Third, agent blast radius: Noma assesses each agent’s identity, autonomy level, access to sensitive data, and capacity for destructive actions, so teams can enforce appropriate boundaries before something goes wrong.
AI Red Teaming gives development teams a way to validate AI security before models and agents reach runtime. The primary value is speed: teams can test AI and agent behavior as part of their CI/CD pipeline, satisfy compliance requirements for AI deployment, and shorten the path from development to production without a manual security review on every release. Noma runs automated adversarial testing against known attack techniques including prompt injection, jailbreaking, and tool abuse, and surfaces findings teams can act on directly.
AI Detection and Response helps organizations enforce security, privacy, and compliance policies at runtime. Noma detects adversarial attacks such as prompt injection, sensitive data leakage, and compliance violations including frameworks like the EU AI Act. With agents, the risk goes beyond the prompt. Agents take actions: they call tools, connect to MCP servers, access data, and interact with external systems. Noma monitors all of that behavior in real time, flagging anything that falls outside enterprise policy.
Noma is not just a best-of-breed set of products. It is the leading AI Security Contextual Platform. AISPM, Red Teaming, and AI Detection and Response share context with each other, and that’s what makes the whole greater than the sum of its parts. Agent posture and blast radius assessments feed directly into runtime detection for better accuracy. Red teaming findings tune AI Detection and Response policies. And what AIDR observes at runtime feeds back into AISPM to keep policies current. Security teams get a program that keeps pace with AI adoption, without manually coordinating across disconnected tools.
Why this matters for enterprise AI adoption
AWS is building serious AI infrastructure: Bedrock and AgentCore for deploying models and agents at scale, SageMaker for ML pipelines, and a growing ecosystem of services that enterprises across financial services, healthcare, government, and manufacturing are running in production.
For AWS customers, this partnership delivers three concrete benefits beyond the security coverage itself.
It brings together the best AI infrastructure and the best AI security in a single native experience. Customers don’t have to choose between moving fast and staying secure. Noma and AWS product teams work closely together, which means integrations are built at the product level and improve continuously.
Noma is available through AWS Marketplace, meaning organizations can apply existing AWS credits and enterprise discount programs directly to their AI security investment.
And from a development perspective, it means security doesn’t have to be the bottleneck. Teams building on Bedrock, deploying agents through Bedrock Agent Core, or connecting systems through MCP get a faster path to runtime because security validation is built into the process. Engineering time goes toward building what matters.
Get started through AWS Security Hub Extended
Noma is available now through AWS Security Hub Extended. Here’s how to take the next step:
Activate Noma in AWS Security Hub Extended by enabling AI security directly from your Security Hub Extended console. You’ll start discovering your AI assets immediately, with no separate procurement process and no complex integration work required.
Talk to your AWS account team. They can connect you directly with Noma for a personalized assessment of your AI security posture.
Join us at RSA Conference 2026 (March 23-26), where we’ll be demonstrating the Noma and AWS Security Hub Extended integration live at our booth, and at the AWS booth!
Reach out directly at and set up time with one of our experts.
We’re proud to be AWS’s chosen partner for AI Security in Security Hub Extended. This is just the beginning of what we’re building together.
