Category: HAQM Detective

Today, we’re announcing HAQM GuardDuty ECS Runtime Monitoring to help detect potential runtime security issues in HAQM Elastic Container Service (HAQM ECS) clusters running on both AWS Fargate and HAQM Elastic Compute Cloud (HAQM EC2). GuardDuty combines machine learning (ML), anomaly detection, network monitoring, and malicious file discovery against various AWS data sources. When threats […]

Today, HAQM Detective adds four new capabilities to help you save time and strengthen your security operations. First, Detective investigations for IAM help security analysts investigate AWS Identity and Access Management (IAM) objects, such as users and roles, for indicators of compromise (IoCs) to determine potential involvement in known tactics from the MITRE ATT&CK framework. […]

This week, I’ll meet you at AWS partner’s Jamf Nation Live in Amsterdam where we’re showing how to use HAQM EC2 Mac to deploy your remote developer workstations or configure your iOS CI/CD pipelines in the cloud. Last Week’s Launches While I was traveling last week, I kept an eye on the AWS News. Here […]

With HAQM Detective, you can analyze and visualize security data to investigate potential security issues. Detective collects and analyzes events that describe IP traffic, AWS management operations, and malicious or unauthorized activity from AWS CloudTrail logs, HAQM Virtual Private Cloud (HAQM VPC) Flow Logs, HAQM GuardDuty findings, and, since last year, HAQM Elastic Kubernetes Service […]

Since HAQM GuardDuty launched in 2017, GuardDuty has been capable of analyzing tens of billions of events per minute across multiple AWS data sources, such as AWS CloudTrail event logs, HAQM Virtual Private Cloud (HAQM VPC) Flow Logs, and DNS query logs, HAQM Simple Storage Service (HAQM S3) data plane events, HAQM Elastic Kubernetes Service […]

A couple days ago, I had the honor of doing a live stream on generative AI, discussing recent innovations and concepts behind the current generation of large language and vision models and how we got there. In today’s roundup of news and announcements, I will share some additional information—including an expanded partnership to make generative […]

AWS re:Inforce returned to Boston last week, kicking off with a keynote from HAQM Chief Security Officer Steve Schmidt and AWS Chief Information Security officer C.J. Moses: Be sure to take some time to watch this video and the other leadership sessions, and to use what you learn to take some proactive steps to improve […]

August 1st, 2022: Post updated to clarify how GuardDuty Malware Protection works with KMS keys. With HAQM GuardDuty, you can monitor your AWS accounts and workloads to detect malicious activity. Today, we are adding to GuardDuty the capability to detect malware. Malware is malicious software that is used to compromise workloads, repurpose resources, or gain […]