AWS introduces Amazon Detective workload security service

Amazon Web Services released a new "Amazon Detective" security service that helps users to conduct investigations into security issues across their AWS workloads.

Amazon Detective automatically collects log data from a customer’s resources and uses machine learning, statistical analysis, and graph theory to build interactive visualizations that help customers analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. There are no additional charges or upfront commitments required to use Amazon Detective, and customers pay only for data ingested from AWS CloudTrail, Amazon Virtual Private Cloud (VPC) Flow Logs, and Amazon GuardDuty findings. To get started with Amazon Detective, visit https://aws.amazon.com/detective/.

“Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place,” said Dan Plastina, Vice President for Security Services at AWS. “Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organizations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer’s plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn’t happen again.”

Amazon Detective is available today in the US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), and South America (Sao Paulo) regions, with more regions coming soon.

https://aws.amazon.com/blogs/aws/amazon-detective-rapid-security-investigation-and-analysis/