New intelligent threat detection service
analyzes trillions of events per day to identify new and evolving
threats and provide simple, tailored, and cost-effective protection
for AWS accounts and workloads
GE, Netflix, Autodesk, Twilio, Webroot, and
Mapbox among the customers using Amazon GuardDuty
Today at AWS re:Invent, Amazon Web Services Inc. (AWS), an
Amazon.com company (NASDAQ: AMZN), announced Amazon GuardDuty, a
fully managed intelligent threat detection service that helps
customers protect their AWS accounts and workloads by continuously
monitoring account activity for malicious or unauthorized behavior.
Customers can enable Amazon GuardDuty with a few clicks in the AWS
Management Console and immediately begin analyzing API calls and
network activity across their accounts to establish a baseline of
“normal” account activity. Then, Amazon GuardDuty continuously
applies machine learning to identify any events that fall outside
the normal patterns. Amazon GuardDuty correlates activity using
both proprietary, AWS-developed threat intelligence sources and
industry-leading third-party sources. When anomalies are detected,
Amazon GuardDuty delivers a detailed security alert to the AWS
account owner, making alerts actionable and easy to integrate with
existing event management and workflow systems. With Amazon
GuardDuty, there is no hardware or software to deploy and no
third-party subscription costs; customers pay only for the events
analyzed. To get started with Amazon GuardDuty, visit:
https://aws.amazon.com/guardduty.
As customers grow their cloud usage and increasingly deploy
microservices architectures, they may have multiple AWS accounts
with up to hundreds of thousands of instances. Identifying and
assessing anomalous behavior across multiple accounts, networks,
and instances at this scale can be like trying to find a needle in
a haystack. Whether looking for attackers scanning web servers for
vulnerabilities, monitoring for compromised instances being used to
serve malware or mine cryptocurrency, or finding unauthorized
resource provisioning, security teams have had to build or
integrate multiple tools to detect anomalies. Customers also have
to collect API access and network flow logs and correlate them with
threat intelligence sources, applying algorithms to identify
anomalies based on known threats. And, often, as soon as the
algorithms are well-tuned, the threats evolve and the algorithm
requires rework. Now, with Amazon GuardDuty, customers can easily
deploy intelligent threat detection that takes care of all of this
undifferentiated heavy lifting. Once activated, Amazon GuardDuty
immediately begins consuming AWS CloudTrail and Amazon VPC Flow
Logs to find indications of account-based threats that traditional
solutions might miss, such as an unusual instance type being
deployed in a region that has never been used, or an attempt to
obscure user activity by disabling AWS CloudTrail logging. Amazon
GuardDuty generates anomaly alerts that are tailored to each
customer’s AWS use, and AWS continuously updates the threat
intelligence sources Amazon GuardDuty employs. Amazon GuardDuty can
be enabled instantly with no risk of negatively impacting existing
application workloads.
“Customers often tell us that the best way we can help them stay
secure is to give them smarter tools that make it easier to get
security right,” said Stephen Schmidt, Chief Information Security
Officer, Amazon Web Services. “We designed Amazon GuardDuty to be
so simple and cost effective that turning it on would be an easy
choice for every AWS customer, regardless of their security
expertise or the existing security services they use. Amazon
GuardDuty intelligently identifies hard-to-detect threats that
might slip through the cracks of other security products and easily
scales to meet the needs of any organization, whether they have two
AWS accounts or two thousand.”
General Electric (GE) is the world’s Digital Industrial Company,
transforming industry with software-defined machines and solutions
that are connected, responsive, and predictive. “Security is a top
priority at GE and ingrained in our company culture,” said Nasrin
Rezai, Vice President, Global Chief Information and Product
Security Officer at GE. “GE runs thousands of applications on AWS.
Deploying Amazon GuardDuty across our AWS global footprint required
only a matter of hours and enhances our threat detection
capabilities.”
The Financial Industry Regulatory Authority (FINRA) oversees
more than 3,900 securities firms with approximately 640,000 brokers
and processes approximately 6 terabytes of data and 37 billion
records on an average day. “We’ve found that we can be more secure
in the cloud than we can on-premises,” said John Brady, CISSP, VP
Cyber Security/CISO, FINRA. “With AWS, my team has access to
outstanding tooling for patching, encryption, auditing and logging,
entitlements, compliance, and now threat detection. We’re excited
about how this new product can help us take advantage of machine
learning to analyze all of our account activity, accurately
detecting behavioral anomalies and enabling us to respond
quickly.”
Netflix is the world's leading internet entertainment service
with over 109 million members in over 190 countries enjoying more
than 125 million hours of TV shows and movies per day. “We’re
excited about the capabilities of Amazon GuardDuty,” said Shaun
Blackburn, Security Manager, Netflix. “By delegating the management
and monitoring of flow logs to AWS, we can extend our detection
capabilities and pursue Netflix-specific security work. AWS has
deep knowledge of common attack patterns and trends. By leveraging
their unique position as the largest cloud providers, they are able
to train sophisticated models that we can immediately consume. With
Amazon GuardDuty, we can continue to innovate to deliver the
greatest convenience, selection, and value to our members.”
Mapbox is a location data platform for maps, search, and
navigation that serves more than 300 million end users each
month. It's all-in on AWS and runs across 10 regions. "Amazon
GuardDuty vastly improves cloud intrusion detection, replacing
multiple in-house systems with a more advanced, more accurate, and
much lower-maintenance service," said Ian Ward, Engineering
Manager, Security at Mapbox. “We were able to enable Amazon
GuardDuty instantly, replacing a large-scale engineering project
with a fully managed, much more complete service."
Autodesk is a leader in 3D design, engineering, and
entertainment software. “It’s incredibly important we give our
developers the freedom to be agile, while at the same time
maintaining our high security standards,” said Kolby Dauler, Lead
Engineer for Cloud Security at Autodesk. “Amazon GuardDuty helps us
secure our AWS accounts owned by our developers, without slowing
them down to install and maintain monitoring infrastructure. Using
Amazon GuardDuty also gives our security team visibility into
actionable metrics and involves them earlier in decisions that help
drive better security practices.”
Amazon GuardDuty can send all findings to AWS CloudWatch Events
and supports API endpoints through the AWS SDK, allowing for robust
interoperability with third-party solutions. Leading providers such
as Alert Logic, Evident.io, Palo Alto Networks, Rapid7, Redlock,
Splunk, Sumo Logic, and Trend Micro have built integrations with
Amazon GuardDuty, with more coming soon. These integrations allow
customers to easily incorporate intelligence from Amazon GuardDuty
into their existing security workflows for deeper analysis and
automated prevention. Amazon GuardDuty also incorporates threat
intelligence feeds from CrowdStrike, Proofpoint, and the AWS
Security team to help identify and protect customers from known bad
actors.
About Amazon Web Services
For more than 11 years, Amazon Web Services has been the world’s
most comprehensive and broadly adopted cloud platform. AWS offers
over 100 fully featured services for compute, storage, databases,
networking, analytics, machine learning and artificial intelligence
(AI), Internet of Things (IoT), mobile, security, hybrid, and
application development, deployment, and management from 44
Availability Zones (AZs) across 16 geographic regions in the U.S.,
Australia, Brazil, Canada, China, Germany, India, Ireland, Japan,
Korea, Singapore, and the UK. AWS services are trusted by millions
of active customers around the world—including the fastest-growing
startups, largest enterprises, and leading government agencies—to
power their infrastructure, make them more agile, and lower costs.
To learn more about AWS, visit https://aws.amazon.com.
About Amazon
Amazon is guided by four principles: customer obsession rather
than competitor focus, passion for invention, commitment to
operational excellence, and long-term thinking. Customer reviews,
1-Click shopping, personalized recommendations, Prime, Fulfillment
by Amazon, AWS, Kindle Direct Publishing, Kindle, Fire tablets,
Fire TV, Amazon Echo, and Alexa are some of the products and
services pioneered by Amazon. For more information, visit
www.amazon.com/about and follow @AmazonNews.
View source
version on businesswire.com: http://www.businesswire.com/news/home/20171128006613/en/
Amazon.com, Inc.Media
HotlineAmazon-pr@amazon.comwww.amazon.com/pr
Amazon.com (NASDAQ:AMZN)
Historical Stock Chart
From Mar 2024 to Apr 2024
Amazon.com (NASDAQ:AMZN)
Historical Stock Chart
From Apr 2023 to Apr 2024