AWS launches Amazon Detective for investigating security incidents
Service automates "burdensome" data gathering for effective security investigations
AWS has announced the general availability of Amazon Detective, the company's automated security service.
Amazon Detective works with machine learning and statistical analysis to build visualised maps of security threats in a customer's cloud. Rather than a security team compiling all the relevant data to analyse and conduct a lengthy investigation, it automatically pulls data from services like CloudTrail and customer logs.
The information is then run through AWS GuardDuty which compiles a graph that details all interactions across the customer's infrastructure. Everything is run from the Amazon Management Console and, according to AWS, in just a few clicks your IT team can have a detailed report of the problem and where it has come from.
The graph model is also continuously updated as new data becomes available from the customer's AWS resources, allowing security teams to spend less time looking through constantly changing data sources and freeing them up to work on remediation.
The service is being offered with no upfront fees but customers will pay if they need to upload data from AWS CloudTrail and other AWS services they use.
"Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place," said Dan Plastina, VP for security services at AWS.
"Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organisations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer's plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn't happen again."
The service is available from today in Europe, the US, South America and parts of Asia, with more regions coming soon, the company confirmed.
Five lessons learned from the pivot to a distributed workforce
Delivering continuity and scale with a remote work strategyDownload now
Connected experiences in a digital transformation
Enable businesses to meet the demands of the futureDownload now
Simplify to secure
Reduce complexity by integrating your security ecosystemDownload now
Enhance the safety and security of your people, assets and operations
Enable a true vision of security with an engineered solution based on hyperconverged and storage platformsDownload now