AWS launches Amazon Detective for investigating security incidents
Service automates "burdensome" data gathering for effective security investigations
AWS has announced the general availability of Amazon Detective, the company's automated security service.
Amazon Detective works with machine learning and statistical analysis to build visualised maps of security threats in a customer's cloud. Rather than a security team compiling all the relevant data to analyse and conduct a lengthy investigation, it automatically pulls data from services like CloudTrail and customer logs.
The information is then run through AWS GuardDuty which compiles a graph that details all interactions across the customer's infrastructure. Everything is run from the Amazon Management Console and, according to AWS, in just a few clicks your IT team can have a detailed report of the problem and where it has come from.
The graph model is also continuously updated as new data becomes available from the customer's AWS resources, allowing security teams to spend less time looking through constantly changing data sources and freeing them up to work on remediation.
The service is being offered with no upfront fees but customers will pay if they need to upload data from AWS CloudTrail and other AWS services they use.
"Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place," said Dan Plastina, VP for security services at AWS.
"Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organisations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer's plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn't happen again."
The service is available from today in Europe, the US, South America and parts of Asia, with more regions coming soon, the company confirmed.
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download