Wednesday, 01 April 2020 09:50

Amazon Detective goes GA


Amazon Web Services' new Amazon Detective security service is now generally available.

Amazon Detective – announced last December – is designed to make it easier for customers to conduct faster and more efficient investigations into security issues across their AWS workloads.

It applies machine learning, statistical analysis, and graph theory to log data, building interactive visualisations to help customers analyse, investigate, and identify the root causes of potential security issues or suspicious activities.

Once enabled, Amazon Detective automatically begins distilling and organizing data from AWS CloudTrail, Amazon VPC Flow Logs, and Amazon GuardDuty findings into a graph model, and produces tailored visualisations to help customers answer questions like "is this an unusual API call?" or "is this spike in traffic from this instance expected?" without having to organise any data or develop, configure, or tune their own queries and algorithms.

Amazon Detective's visualisations help analysts quickly determine the nature and extent of issues identified by AWS security services.

Its graph model and analytics are continuously updated as new data becomes available, allowing security teams to concentrate on remediation rather than data wrangling.

"Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place," said AWS vice president for security services Dan Plastina.

"Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organisations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer's plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn't happen again."

WarnerMedia public cloud security leader Chris Farris (who also teaches cloud security for the SANS Institute) said: "Large security organisations are tasked with protecting huge environments with diverse workloads from a multitude of threats, while the smaller organisations I talk to often don't have the resources to replicate the tooling and expertise of their bigger counterparts.

"Amazon Detective will help both of these groups reach faster, better-informed conclusions to their security investigations. It does the hard work of aggregating and analysing high-volume telemetry sources like VPC Flow logs and CloudTrail. Larger organisations will see major efficiencies, and small teams will have access to information and tooling that they'd have a hard time collecting and building on their own."

Amazon Detective is available today in various AWS regions including Asia Pacific (Sydney) and Asia Pacific (Singapore).

The only additional charge for using Amazon Detective is for data ingestion from AWS CloudTrail, Amazon Virtual Private Cloud (VPC) Flow Logs, and Amazon GuardDuty findings.



Stephen Withers

Stephen Withers is one of Australia's most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.


