Amazon has announced the release of Amazon Detective, a tool to automate the processing of investigating cloud security issues.
Dealing with cloud security issues can tax even the largest companies. As organizations move to the cloud, it can open a whole new world of threats, requiring a completely different approach to security. Unfortunately, while cloud services often provide ample data to investigate any issues that arise, the sheer amount of data can be overwhelming.
That’s where Amazon Detective come into play. “Amazon Detective is a fully managed service that empowers users to automate the heavy lifting involved in processing large quantities of AWS log data to determine the cause and impact of a security issue,” writes Sébastien Stormacq. “Once enabled, Detective automatically begins distilling and organizing data from AWS Guard Duty, AWS CloudTrail, and Amazon Virtual Private Cloud Flow Logs into a graph model that summarizes the resource behaviors and interactions observed across your entire AWS environment.”
Amazon Detective was originally previewed at re:invent 2019, but is now available to all AWS customers as of March 31.