AI-Driven Security Intelligence: Transforming Java Enterprise Observability Into Proactive Cyber Threat Detection

This paper proposes an AI-enhanced anomaly detection pipeline for Java enterprise applications using Spring, Log4j, and AWS CloudWatch.The methodology utilizes historical logs from applications deployed on ECS and Lambda to train unsupervised ML models (e.g., Isolation Forests) to detect operational and security anomalies.Realtime inference is served via serverless endpoints, with threat scores visualized in CloudWatch Dashboards.Integration with AWS KMS and Secrets Manager enforces secure data handling.The study includes detection of synthetic attacks in a simulated financial workload, demonstrating how full-stack observability evolves into proactive cybersecurity.