AWS launches Amazon Detective for investigating security incidents

Service automates "burdensome" data gathering for effective security investigations

AWS has announced the general availability of Amazon Detective, the company's automated security service. 

Amazon Detective works with machine learning and statistical analysis to build visualised maps of security threats in a customer's cloud. Rather than a security team compiling all the relevant data to analyse and conduct a lengthy investigation, it automatically pulls data from services like CloudTrail and customer logs. 

Advertisement - Article continues below

The information is then run through AWS GuardDuty which compiles a graph that details all interactions across the customer's infrastructure. Everything is run from the Amazon Management Console and, according to AWS, in just a few clicks your IT team can have a detailed report of the problem and where it has come from. 

The graph model is also continuously updated as new data becomes available from the customer's AWS resources, allowing security teams to spend less time looking through constantly changing data sources and freeing them up to work on remediation. 

The service is being offered with no upfront fees but customers will pay if they need to upload data from AWS CloudTrail and other AWS services they use. 

"Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place," said Dan Plastina, VP for security services at AWS. 

Advertisement - Article continues below
Advertisement - Article continues below

"Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organisations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer's plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn't happen again."

The service is available from today in Europe, the US, South America and parts of Asia, with more regions coming soon, the company confirmed. 

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now



Microsoft Azure Digital Twins previews new features

30 Jun 2020

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020

How to find RAM speed, size and type

24 Jun 2020

The road to recovery

30 Jun 2020