Posted On: Dec 3, 2019
HAQM Detective is a new service in Preview that makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. HAQM Detective automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data that enables you to easily conduct faster and more efficient security investigations.
HAQM Detective can analyze trillions of events from multiple data sources such as Virtual Private Cloud (VPC) Flow Logs, AWS CloudTrail, and HAQM GuardDuty, and automatically creates a unified, interactive view of your resources, users, and the interactions between them over time. With this unified view, you can visualize all the details and context in one place to identify the underlying reasons for the findings, drill down into relevant historical activities, and quickly determine the root cause.
HAQM Detective is available globally during the preview period. During the preview, it is available in the following regions: US-East (N. Virginia), US-East (Ohio), US-West (Oregon), EU (Ireland), and Asia Pacific (Tokyo).
To learn more and get started with HAQM Detective, visit our product page.