Amazon Detective analyzes trillions of data
points to make it easier to visualize security data and conduct
faster and more efficient investigations
WarnerMedia and T-Systems among the customers
using Amazon Detective
Today, Amazon Web Services Inc., an Amazon.com company (NASDAQ:
AMZN), announced the general availability of Amazon Detective, a
new security service that makes it easy for customers to conduct
faster and more efficient investigations into security issues
across their AWS workloads. Amazon Detective automatically collects
log data from a customer’s resources and uses machine learning,
statistical analysis, and graph theory to build interactive
visualizations that help customers analyze, investigate, and
quickly identify the root cause of potential security issues or
suspicious activities. There are no additional charges or upfront
commitments required to use Amazon Detective, and customers pay
only for data ingested from AWS CloudTrail, Amazon Virtual Private
Cloud (VPC) Flow Logs, and Amazon GuardDuty findings. To get
started with Amazon Detective, visit
https://aws.amazon.com/detective/.
When customers face a security issue like compromised user
credentials or unauthorized access to a resource, security teams
must conduct an investigation to understand the cause, assess the
impact, and determine the remediation steps. Before an
investigation can even begin, customers must first collect and
combine terabytes of potentially relevant data from network,
application, and security monitoring systems, and make it available
in a way that allows their security analysts to infer related
anomalies. In order to explore the data, analysts rely on data
scientists and engineers to turn seemingly simple questions like
“is this normal?” into mathematical models and queries that can
help produce answers. Customers then typically build custom
dashboards that analysts use to validate, compare, and correlate
the data to reach their conclusions. Security teams must
continually re-establish baselines of normal behavior, understand
new patterns of activity, and revisit application configurations as
resources, accounts, and applications are added or updated in an
environment. These complex and time-consuming tasks impede security
teams’ ability to quickly investigate and respond to security
issues.
Amazon Detective helps security teams conduct faster and more
effective investigations. Once enabled with a few clicks in the AWS
Management Console, Amazon Detective automatically begins
distilling and organizing data from AWS CloudTrail, Amazon VPC Flow
Logs, and Amazon GuardDuty findings into a graph model that
summarizes resource behaviors and interactions observed across a
customer’s AWS environment. Using machine learning, statistical
analysis, and graph theory, Amazon Detective produces tailored
visualizations to help customers answer questions like “is this an
unusual API call?” or “is this spike in traffic from this instance
expected?” without having to organize any data or develop,
configure, or tune their own queries and algorithms. Amazon
Detective’s visualizations provide the details, context, and
guidance to help analysts quickly determine the nature and extent
of issues identified by AWS security services like Amazon GuardDuty
and AWS Security Hub. Amazon Detective’s graph model and analytics
are continuously updated as new telemetry becomes available from a
customer’s AWS resources, allowing security teams to spend less
time tending to constantly changing data sources. By letting the
Amazon Detective service perform the necessary data sifting,
security teams can more quickly move on to remediation.
“Even when customers tell us their security teams have the tools
and information to confidently detect and remediate issues, they
often say they need help when it comes to understanding what caused
the issues in the first place,” said Dan Plastina, Vice President
for Security Services at AWS. “Gathering the information necessary
to conduct effective security investigations has traditionally been
a burdensome process, which can put crucial in-depth analysis out
of reach for smaller organizations and strain resources for larger
teams. Amazon Detective takes all of that extra work off of the
customer’s plate, allowing them to focus on finding the root cause
of an issue and ensuring it doesn’t happen again.”
Amazon Detective is available today in the US East (N.
Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt),
Europe (Ireland), Europe (London), Europe (Paris), Europe
(Stockholm), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia
Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo),
and South America (Sao Paulo) regions, with more regions coming
soon.
T-Systems, a subsidiary of Deutsche Telekom, is one of the
world’s leading digital service providers. "As part of protecting
our clients' cloud applications and services, T-Systems’ security
experts analyze billions of security-relevant events every day,"
said Andrej Maya, Cloud Solutions Architect for T-Systems. "This
has traditionally required using custom log management solutions
that take considerable time and resources to maintain. Amazon
Detective simplifies our security monitoring and helps our security
analysts quickly understand potential issues without the complexity
of managing the underlying data ourselves."
WarnerMedia is a leading media and entertainment company that
creates and distributes premium and popular content to global
audiences. “Large security organizations are tasked with protecting
huge environments with diverse workloads from a multitude of
threats, while the smaller organizations I talk to often don’t have
the resources to replicate the tooling and expertise of their
bigger counterparts,” said Chris Farris who leads public cloud
security for WarnerMedia and teaches Cloud Security for the SANS
Institute. “Amazon Detective will help both of these groups reach
faster, better-informed conclusions to their security
investigations. It does the hard work of aggregating and analyzing
high-volume telemetry sources like VPC Flow logs and CloudTrail.
Larger organizations will see major efficiencies, and small teams
will have access to information and tooling that they’d have a hard
time collecting and building on their own.”
Expel provides transparent managed security, on-prem and in the
cloud. “We have customers of all shapes and sizes running a diverse
array of workloads on AWS, so it’s critical that we have
high-quality data sources that can aid us in conducting fast and
accurate security investigations,” said Peter Silberman, chief
technology officer at Expel. “Amazon Detective offers our customers
an additional layer of insight about what’s happening in their
environment, which gives our security analysts more data and
context to use during investigations without adding complexity to
that process. With Amazon Detective, we’ll be able to process
specific types of alerts faster, which means reducing investigation
time and getting quicker, more detailed answers to our customers
about what happened.”
About Amazon Web Services
For 14 years, Amazon Web Services has been the world’s most
comprehensive and broadly adopted cloud platform. AWS offers over
175 fully featured services for compute, storage, databases,
networking, analytics, robotics, machine learning and artificial
intelligence (AI), Internet of Things (IoT), mobile, security,
hybrid, virtual and augmented reality (VR and AR), media, and
application development, deployment, and management from 70
Availability Zones (AZs) within 22 geographic regions, with
announced plans for 15 more Availability Zones and five more AWS
Regions in Indonesia, Italy, Japan, South Africa, and Spain.
Millions of customers—including the fastest-growing startups,
largest enterprises, and leading government agencies—trust AWS to
power their infrastructure, become more agile, and lower costs. To
learn more about AWS, visit aws.amazon.com.
About Amazon
Amazon is guided by four principles: customer obsession rather
than competitor focus, passion for invention, commitment to
operational excellence, and long-term thinking. Customer reviews,
1-Click shopping, personalized recommendations, Prime, Fulfillment
by Amazon, AWS, Kindle Direct Publishing, Kindle, Fire tablets,
Fire TV, Amazon Echo, and Alexa are some of the products and
services pioneered by Amazon. For more information, visit
amazon.com/about and follow @AmazonNews.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20200331005748/en/
Amazon.com, Inc. Media Hotline Amazon-pr@amazon.com
www.amazon.com/pr
Amazon.com (NASDAQ:AMZN)
Historical Stock Chart
From Apr 2024 to May 2024
Amazon.com (NASDAQ:AMZN)
Historical Stock Chart
From May 2023 to May 2024