New – Simplify the Investigation of AWS Security Findings with Amazon Detective

With Amazon Detective, you can analyze and visualize security data to investigate potential security issues. Detective collects and analyzes events that describe IP traffic, AWS management operations, and malicious or unauthorized activity from AWS CloudTrail logs, Amazon Virtual Private Cloud (Amazon VPC) Flow Logs, Amazon GuardDuty findings, and, since last year, Amazon Elastic Kubernetes Service Read more about New – Simplify the Investigation of AWS Security Findings with Amazon Detective[…]

AWS Week in Review – February 27, 2023

A couple days ago, I had the honor of doing a live stream on generative AI, discussing recent innovations and concepts behind the current generation of large language and vision models and how we got there. In today’s roundup of news and announcements, I will share some additional information—including an expanded partnership to make generative Read more about AWS Week in Review – February 27, 2023[…]

AWS Week in Review – August 1, 2022

AWS re:Inforce returned to Boston last week, kicking off with a keynote from Amazon Chief Security Officer Steve Schmidt and AWS Chief Information Security officer C.J. Moses: Be sure to take some time to watch this video and the other leadership sessions, and to use what you learn to take some proactive steps to improve Read more about AWS Week in Review – August 1, 2022[…]

New for Amazon GuardDuty – Malware Detection for Amazon EBS Volumes

With Amazon GuardDuty, you can monitor your AWS accounts and workloads to detect malicious activity. Today, we are adding to GuardDuty the capability to detect malware. Malware is malicious software that is used to compromise workloads, repurpose resources, or gain unauthorized access to data. When you have GuardDuty Malware Protection enabled, a malware scan is Read more about New for Amazon GuardDuty – Malware Detection for Amazon EBS Volumes[…]

Amazon Detective Supports Kubernetes Workloads on Amazon EKS for Security Investigations

In March 2020, we introduced Amazon Detective, a fully managed service that makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Amazon Detective continuously extracts temporal events such as login attempts, API calls, and network traffic from Amazon GuardDuty, AWS CloudTrail, and Amazon Virtual Private Cloud (Amazon VPC) Read more about Amazon Detective Supports Kubernetes Workloads on Amazon EKS for Security Investigations[…]

Amazon Detective – Rapid Security Investigation and Analysis

Almost five years ago, I blogged about a solution that automatically analyzes AWS CloudTrail data to generate alerts upon sensitive API usage. It was a simple and basic solution for security analysis and automation. But demanding AWS customers have multiple AWS accounts, collect data from multiple sources, and simple searches based on regular expressions are Read more about Amazon Detective – Rapid Security Investigation and Analysis[…]