Subscribe To Our Daily Enewsletter:

Introducing Amazon Detective: Here’s What MSSPs Need to Know

Amazon Detective, an Amazon Web Services (AWS) offering designed to help organizations analyze and visualize security data and identify security issues, is now being previewed to partners and customers. The company announced the preview at this week’s AWS re:Invent 2019 conference in Las Vegas, Nevada.

Amazon Detective starts collecting log data as soon as it is enabled and provides visual summaries and analytics related to ingested data, according to the company. It also provides comparisons of recent activity against historical baselines which are established after two weeks of account monitoring.

Furthermore, Amazon Detective analyzes trillions of security events from multiple data sources, including Virtual Private Cloud (VPC) Flow Logs, AWS CloudTrail and Amazon GuardDuty, the company said. It automatically creates a unified view of resources, users and the interactions between them and enables security teams to visualize relevant details and context.

We’re watching to see if or how MSSPs (managed security services providers), security analysts and corporate security operations centers (SOCs) potentially leverage Detective in their businesses.

Amazon Detective Security Integrations: Initial Technology Partners

Meanwhile, several cybersecurity companies have announced Amazon Detective security integrations, including:

  • Barracuda NetworksBarracuda Cloud Security Guardian users can leverage Amazon Detective to gain insights into security threats or violations.
  • Check Point Software TechnologiesCheck Point CloudGuard Log.ic users can leverage Amazon Detective to access cloud security intelligence, analytics and visualizations related to potential security incidents.
  • McAfeeMVISION Cloud users can leverage Amazon Detective to explore ways to accelerate incident response and remediation, as well as determine the appropriate tools to deploy during incident investigations.

Amazon Detective is currently available in preview at no cost to those approved for access. The preview is available across the following AWS regions: US-East (Northern Virginia), US-East (Ohio), US-West (Oregon), EU (Ireland) and Asia Pacific (Tokyo).

Return Home

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *