Skip to ContentSkip to Footer
News

AWS launches Amazon Detective for investigating security incidents

Service automates "burdensome" data gathering for effective security investigations

by: Bobby Hellard
1 Apr 2020

Spyglass on AWS logo

AWS has announced the general availability of Amazon Detective, the company's automated security service. 

Amazon Detective works with machine learning and statistical analysis to build visualised maps of security threats in a customer's cloud. Rather than a security team compiling all the relevant data to analyse and conduct a lengthy investigation, it automatically pulls data from services like CloudTrail and customer logs. 

The information is then run through AWS GuardDuty which compiles a graph that details all interactions across the customer's infrastructure. Everything is run from the Amazon Management Console and, according to AWS, in just a few clicks your IT team can have a detailed report of the problem and where it has come from. 

The graph model is also continuously updated as new data becomes available from the customer's AWS resources, allowing security teams to spend less time looking through constantly changing data sources and freeing them up to work on remediation. 

The service is being offered with no upfront fees but customers will pay if they need to upload data from AWS CloudTrail and other AWS services they use. 

"Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place," said Dan Plastina, VP for security services at AWS. 

"Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organisations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer's plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn't happen again."

The service is available from today in Europe, the US, South America and parts of Asia, with more regions coming soon, the company confirmed. 

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

IT security awareness and training firm KnowBe4 acquires MediaPRO
Acquisition

IT security awareness and training firm KnowBe4 acquires MediaPRO

3 Mar 2021
High-risk email security threats increased by 32% last year
phishing

High-risk email security threats increased by 32% last year

3 Mar 2021
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

3 Mar 2021
Microsoft Exchange targeted by China-linked hackers
zero-day exploit

Microsoft Exchange targeted by China-linked hackers

3 Mar 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
Ransomware operators are exploiting VMware ESXi flaws
ransomware

Ransomware operators are exploiting VMware ESXi flaws

1 Mar 2021
Skip to HeaderSkip to Content