Skip to ContentSkip to Footer
News

AWS launches Amazon Detective for investigating security incidents

Service automates "burdensome" data gathering for effective security investigations

by: Bobby Hellard
1 Apr 2020

Spyglass on AWS logo

AWS has announced the general availability of Amazon Detective, the company's automated security service. 

Amazon Detective works with machine learning and statistical analysis to build visualised maps of security threats in a customer's cloud. Rather than a security team compiling all the relevant data to analyse and conduct a lengthy investigation, it automatically pulls data from services like CloudTrail and customer logs. 

The information is then run through AWS GuardDuty which compiles a graph that details all interactions across the customer's infrastructure. Everything is run from the Amazon Management Console and, according to AWS, in just a few clicks your IT team can have a detailed report of the problem and where it has come from. 

The graph model is also continuously updated as new data becomes available from the customer's AWS resources, allowing security teams to spend less time looking through constantly changing data sources and freeing them up to work on remediation. 

The service is being offered with no upfront fees but customers will pay if they need to upload data from AWS CloudTrail and other AWS services they use. 

"Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place," said Dan Plastina, VP for security services at AWS. 

"Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organisations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer's plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn't happen again."

The service is available from today in Europe, the US, South America and parts of Asia, with more regions coming soon, the company confirmed. 

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Ofcom report reveals alarming uptick in smishing attacks
scams

Ofcom report reveals alarming uptick in smishing attacks

22 Oct 2021
Graylog launches new cyber security solution to address legacy issues
cyber security

Graylog launches new cyber security solution to address legacy issues

21 Oct 2021
US to ban surveillance software exports to authoritarian governments
cyber security

US to ban surveillance software exports to authoritarian governments

21 Oct 2021
A quarter of all malicious JavaScript is obfuscated
hacking

A quarter of all malicious JavaScript is obfuscated

20 Oct 2021

Most Popular

Alibaba unveils custom Arm-based server chip
components

Alibaba unveils custom Arm-based server chip

19 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021
What is cyber warfare?
Security

What is cyber warfare?

15 Oct 2021
Skip to HeaderSkip to Content