{"id":5455,"date":"2020-04-29T14:23:51","date_gmt":"2020-04-29T13:23:51","guid":{"rendered":"https:\/\/lcloud.pl\/?p=5455"},"modified":"2024-12-10T15:49:23","modified_gmt":"2024-12-10T14:49:23","slug":"security-investigatior-amazon-detective","status":"publish","type":"post","link":"https:\/\/lcloud.pl\/en\/security-investigatior-amazon-detective\/","title":{"rendered":"Security investigator – Amazon Detective"},"content":{"rendered":"

Cybersecurity is one of the priorities in the age of the information society, where data is a value in itself. It is worth paying attention to properly designed security solutions. To be able to ensure compliance with the required standards and the highest quality of solutions, Amazon Web Services has prepared a number of services in the Security category: Amazon GuardDuty<\/a>, Amazon Macie<\/a> or AWS SecurityHub<\/a> (download the infographic<\/a>), which help provide the highest protection. In addition, the existing level of security at the customer can be extended with dedicated solutions of AWS partners. All these services and solutions enable the detection and elimination of security errors. However, when the cause lies deeper, Amazon Detective comes to the rescue.<\/span><\/strong><\/h4>\n
\"\"Amazon Detective<\/span> is the latest security service from the AWS family. It uses machine learning, statistical analysis and graph theory, in combination with AWS resource log data to detect potentially dangerous activities and security issues. It allows clients to view summaries and analytical data related to events in AWS CloudTrail as well as VPC Flow Logs. For customers who have Amazon GuardDuty enabled, Amazon Detective also processes the results obtained from GuardDuty.<\/span><\/span><\/h6>\n
So how does the service work? Amazon Detective allows you to automate heavy operations related to the processing of large amounts of data from AWS logs, in order to determine the cause of the threat and its impact on security. It uses machine learning models to create graphical presentations of account behaviour and helps answer questions such as “is this a custom API call for this role?” or “is this increase in traffic expected for this instance?” There is no need to write new code, configure or customize your own queries.<\/span><\/h6>\n

\"\"<\/a><\/p>\n

Source: https:\/\/aws.amazon.com\/detective\/<\/a><\/span><\/span><\/p>\n

The Amazon Detective service can be used in 3 cases:<\/span><\/h6>\n