AWS Releases Amazon Detective for Cloud Security Investigations

AWS Releases Amazon Detective for Cloud Security Investigations

Amazon Web Services is releasing Amazon Detective into general availability, according to a press release on Amazon’s website. The service analyzes trillions of data points to make it easier to visualize security data and conduct faster and more efficient investigations. Amazon released the service in multiple regions in the U.S., Europe, Asia Pacific, and South America; the vendor will add support for more regions in the future.

Our MSP Buyer’s Guide contains profiles on the top cloud managed service providers for AWS, Azure, and Google Cloud, as well as questions you should ask vendors and yourself before buying. We also offer an MSP Vendor Map that outlines those vendors in a Venn diagram to make it easy for you to select potential providers.

Amazon Detective allows users to easily investigate root causes of security issues that occur on your AWS deployment. The service makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Amazon Detective automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data that enables you to easily conduct faster and more efficient security investigations.

When users enable Amazon Detective in the AWS Management Console, the service automatically begins gathers data from AWS CloudTrail, Amazon VPC Flow Logs, and Amazon GuardDuty into a graph model that summarizes behaviors and interactions observed across a user’s AWS deployment. Amazon Detective uses machine learning, statistical analysis, and graph theory to produce tailored visualizations to help customers answer critical cloud security questions.

In a quote in the official press release, AWS’ Vice President for Security Services Dan Plastina said: “Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place. Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organizations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer’s plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn’t happen again.”

Learn more about Amazon Detective here.

Daniel Hein