Amazon Detective

  • GuardDuty, Macie, and Security Hub are used to identify potential security issues or findings

  • Sometimes security findings require deeper analysis to isolate the root cause and take action – it’s a complex process

  • Amazon Detective analyzes, investigates, and quickly identifies the root cause of security issues or suspicious activities (using ML and graphs)

  • Automatically collects and processes events from VPC Flow Logs, CloudTrail, and GuardDuty, and creates a unified view

  • Produces visualizations with details and context to get to the root cause
