Cloud Security, Content

Amazon Detective: AWS Cloud Security Service Launches

Amazon Web Services (AWS) has launched Amazon Detective, a cloud service designed to help organizations investigate security incidents across their AWS workloads. The Amazon Detective release comes after AWS unveiled the service in December 2019.

Amazon Detective collects log data from an organization's resources and uses machine learning, statistical analysis and graph theory to build interactive visualizations, AWS stated. In doing so, Amazon Detective helps organizations analyze, investigate and identify the root cause of potential security issues or suspicious activities.

In addition, Amazon Detective automatically distills and organizes data from AWS CloudTrail, Amazon Virtual Private Cloud (VPC) Flow Logs and Amazon GuardDuty findings into a graph model that summarizes resource behaviors and interactions across their AWS environments, AWS noted. It also provides details, context and guidance to help organizations determine the nature and extent of issues identified by AWS security services.

Amazon Detective: Security Partner Integrations

Several cybersecurity companies have already incorporated Amazon Detective into their offerings, including:

  • ExpelIngests customer events and log data from AWS to detect security issues and suspicious activities.
  • Barracuda NetworksOffers security threat insights to Barracuda Cloud Security Guardian users.
  • Check Point Software TechnologiesProvides cloud security intelligence, analytics and visualizations to Check Point CloudGuard Log.ic users.
  • McAfee: Helps MVISION Cloud users explore ways to accelerate incident response and remediation and determine the appropriate tools to deploy during incident investigations.

    • Amazon Detective is available without any additional charges or upfront commitments required. To use Amazon Detective, customers pay only for data ingested from AWS CloudTrail, Amazon VPC Flow Logs and Amazon GuardDuty findings.

    Public Clouds and Security Services

    in addition to AWS, key rivals such as Microsoft Azure and Google Cloud Platform have been building  various security services for MSSPs, MSPs and end-customers.

    Key examples include:

    • Microsoft Azure Sentinel: The cloud-native security information and event management (SIEM) tool launched in September 2019 with some MSSP partners on Day One.
    • Google Chronicle: The security analytics platform has threat detection capabilities and multiple MSSP backers.

      • An In-Depth Guide to Cloud Security

      Get essential knowledge and practical strategies to fortify your cloud security.
      Dan Kobialka

      Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.

      Related

      Related Events

      Related Terms

      Cloud ComputingGreynet

      You can skip this ad in 5 seconds

      Cookies

      This website uses cookies to improve your experience, provide social media features and deliver advertising offers that are relevant to you.

      If you continue without changing your settings, you consent to our use of cookies in accordance with our privacy policy. You may disable cookies.