New – Simplify the Investigation of AWS Security Findings with Amazon Detective

Posted on May 19, 2023 By Editorial Team

With Amazon Detective, you can analyze and visualize security data to investigate potential security issues. Detective collects and analyzes events that describe IP traffic, AWS management operations, and malicious or unauthorized activity from AWS CloudTrail logs, Amazon Virtual Private Cloud (Amazon VPC) Flow Logs, Amazon GuardDuty findings, and, since last year, Amazon Elastic Kubernetes Service (EKS) audit logs. Using this data, Detective constructs a graph model that distills log data using machine learning, statistical analysis, and graph theory to build a linked set of data for your security investigations.

Starting today, Detective offers investigation support for findings in AWS Security Hub in addition to those detected by GuardDuty. Security Hub is a service that provides you with a view of your security state in AWS and helps you check your environment against security industry standards and best practices. If you’ve turned on Security Hub and other integrated AWS security services, those services will begin sending findings to Security Hub.

With this new capability, it is easier to use Detective to determine the cause and impact of findings coming from new sources such as AWS Identity and Access Management (IAM) Access Analyzer, Amazon Inspector, and Amazon Macie. All AWS services that send findings to Security Hub are now supported.

Let’s see how this works in practice.

Enabling AWS Security Findings in the Amazon Detective Console
When you enable Detective for the first time, Detective now identifies findings coming from both GuardDuty and Security Hub, and automatically starts ingesting them along with other data sources. Note that you don’t need to enable or publish these log sources for Detective to start its analysis because this is managed directly by Detective.

If you are an existing Detective customer, you can enable investigation of AWS Security Findings as a data source with one click in the Detective Management Console. I already have Detective enabled, so I add the source package.

In the Detective console, in the Settings section of the navigation pane, I choose General. There, I choose Edit in the Optional source packages section to enable Detective for AWS Security Findings.

Once enabled, Detective starts analyzing all the relevant data to identify connections between disparate events and activities. To start your investigation process, you can get a visualization of these connections, including resource behavior and activities. Historical baselines, which you can use to provide comparisons against recent activity, are established after two weeks.

Investigating AWS Security Findings in the Amazon Detective Console
I start in the Security Hub console and choose Findings in the navigation pane. There, I filter findings to only see those where the Product name is Inspector and Severity label is HIGH.

The first one looks suspicious, so I choose its Title (CVE-2020-36223 – openldap). The Security Hub console provides me with information about the corresponding Common Vulnerabilities and Exposures (CVE) ID and where and how it was found. At the bottom, I have the option to Investigate in Amazon Detective. I follow the Investigate finding link, and the Detective console opens in another browser tab.

Here, I see the entities related to this Inspector finding. First, I open the profile of the AWS account to see all the findings associated with this resource, the overall API call volume issued by this resource, and the container clusters in this account.

For example, I look at the successful and failed API calls to have a better understanding of the impact of this finding.

Then, I open the profile for the container image. There, I see the images that are related to this image (because they have the same repository or registry as this image), the containers running from this image during the scope time (managed by Amazon EKS), and the findings associated with this resource.

Depending on the finding, Detective helps me correlate information from different sources such as CloudTrail logs, VPC Flow Logs, and EKS audit logs. This information makes it easier to understand the impact of the finding and whether the risk has become an incident. For Security Hub, Detective only ingests findings for configuration checks that failed. Because configuration checks that passed have little security value, we’re filtering these out.
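An offline sketch of the triage described in this section, added here as an example and not taken from the original post or from AWS code: it applies the console filter (Product name Inspector, Severity label HIGH) to Security Hub findings in ASFF JSON and models the failed-checks-only ingestion rule. The sample findings are constructed, and treating a finding without a Compliance block as "not a configuration check" is an assumption.

```python
# Same filter as the console walkthrough, in the shape accepted by
# boto3.client("securityhub").get_findings(Filters=...).
CONSOLE_FILTER = {
    "ProductName": [{"Value": "Inspector", "Comparison": "EQUALS"}],
    "SeverityLabel": [{"Value": "HIGH", "Comparison": "EQUALS"}],
}

def matches(finding, filters=CONSOLE_FILTER):
    """Apply EQUALS string filters locally to one ASFF finding."""
    fields = {
        "ProductName": finding.get("ProductName"),
        "SeverityLabel": finding.get("Severity", {}).get("Label"),
    }
    return all(
        any(fields.get(name) == cond["Value"] for cond in conds)
        for name, conds in filters.items()
    )

def ingested_by_detective(finding):
    """Model of the rule in the post: configuration checks are ingested
    only when they failed. Assumption: no Compliance block means the
    finding is not a configuration check (e.g. an Inspector CVE finding);
    any status other than FAILED is treated as not ingested."""
    status = finding.get("Compliance", {}).get("Status")
    return status is None or status == "FAILED"

def triage(findings):
    """Split finding IDs into the queue to open first, the rest that
    Detective can still investigate, and those it will not have."""
    out = {"investigate_first": [], "ingested": [], "not_ingested": []}
    for f in findings:
        if not ingested_by_detective(f):
            out["not_ingested"].append(f["Id"])
        elif matches(f):
            out["investigate_first"].append(f["Id"])
        else:
            out["ingested"].append(f["Id"])
    return out

SAMPLE = [  # constructed findings, trimmed to the fields used above
    {"Id": "f-1", "ProductName": "Inspector", "Severity": {"Label": "HIGH"},
     "Title": "CVE-2020-36223 – openldap"},
    {"Id": "f-2", "ProductName": "Inspector", "Severity": {"Label": "MEDIUM"}},
    {"Id": "f-3", "ProductName": "Security Hub", "Severity": {"Label": "HIGH"},
     "Compliance": {"Status": "FAILED"}},
    {"Id": "f-4", "ProductName": "Security Hub",
     "Severity": {"Label": "INFORMATIONAL"}, "Compliance": {"Status": "PASSED"}},
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Passed checks such as `f-4` will not appear in Detective, so a missing entity profile for them is expected rather than an ingestion fault.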

Availability and Pricing
Amazon Detective investigation support for AWS Security Findings is available today for all existing and new Detective customers in all AWS Regions where Detective is available, including the AWS GovCloud (US) Regions. For more information, see the AWS Regional Services List.

Amazon Detective is priced based on the volume of data ingested. By enabling investigation of AWS Security Findings, you can increase the volume of ingested data. For more information, see Amazon Detective pricing.

When GuardDuty and Security Hub provide a finding, they also suggest the remediation. On top of that, Detective helps me investigate if the vulnerability has been exploited, for example, using logs and network traffic as proof.

Currently, findings coming from Security Hub are not included in the Finding groups section of the Detective console. Our plan is to expand Finding groups to cover the newly integrated AWS security services. Stay tuned!

Start using Amazon Detective to investigate potential security issues.

— Danilo
