Amazon adds security monitoring and threat defence with GuardDuty

Image: AWS
Amazon has launched GuardDuty, a new intelligence-driven threat detection service that uses machine learning to locate anomalies and notify the user when it finds something suspect.
The new offering scans public and AWS-generated events looking for trends, patterns, and anomalies. Findings of the scans are presented to the user as one of low, medium, or high level, along with evidence and recommendations for remediation.
Announcing the new offering on Tuesday night at AWS re:Invent, Stephen Schmidt, the cloud giant’s VP and CISO of security and innovation, explained that Amazon GuardDuty can be enabled with a single click, and has removed the complexity of operation previously required for threat detection.
“Continuous security monitoring is what we all strive for, but doing this at scale, without slowing down your business, is complex and expensive,” Schmidt said.
“Traditionally, threat detection requires you to deploy and maintain dedicated security infrastructure, which frankly is hard to automate, doesn’t scale at all, and many existing solutions were designed for on-premise environment.”
GuardDuty consumes multiple data streams, including several threat intelligence feeds, staying aware of IP addresses and domains flagged as malicious, while also learning to identify malicious or unauthorised behaviour in a users’ AWS account.
According to Schmidt, it finds threats with great precision.
“For example, when a compromised EC2 instance is mining bitcoin, or an attacker is scanning your infrastructure,” he explained.
“It also monitors AWS account access behaviour for signs of compromise such as, ‘Is somebody using your credentials to launch an unusual instance type in a geography you’ve never used before?'”

GuardDuty runs completely on AWS infrastructure, with no agent or sensor to install, or even a network appliance required to run it.
More than 50 customers and partners have been using the service for the last seven months, with AWS on Tuesday making it available in production, free of charge, for the first 30 days.PREVIOUS AND RELATED COVERAGE VMware, AWS expand their hybrid cloud service With its second release, VMware Cloud on AWS gets new capabilities focused largely on disaster recovery and adding on-demand capacity. Time Warner’s Turner adds AWS as preferred cloud provider Turner is looking to add more analytics and machine learning to its content as it moves to a more digital-first strategy. How sensors enabled Eli Lilly to improve the patient experience Combining the use of sensors and automation, the pharmaceutical giant looked into an approach that enabled independence for the patient and alleviated burden on the caregiver. Amazon Web Services: The smart person’s guide (TechRepublic) This comprehensive guide about AWS covers the expansive cloud services offered by Amazon, common use cases and technical limitations, and what to know when adopting this technology.
Security-Frontline-安全前线
Related Topics:
节假日,网络罪犯们在节日期间最为猖獗,总会有些意外的安全事件发生。
Amazon
Security TV
Data Management
黑客们现在的动机很明显,他们有确定的目标,就是我们的核心数据,通过利用先进的黑客技术,试图甚至可以获得这些重要的数据,比如商业标底,产品设计,知识产权等等,然后出售给我们的商业竞争者,最终让我们蒙受重大损失。

猜您喜欢

十五派信息安全教育副总裁齐永恒 https://www.pingxiaow.com/2017/1127/549541.html
信息安全基础检测
LMS学习管理系统管理员快速操作指南
西成高铁连起川陕“后花园”
4RIDERS THEHILDEES
一分钟了解信息安全基础知识