Amazon Web Services (AWS) has added three new capabilities to its Amazon GuardDuty threat detection service. The new features extend GuardDuty protection to container behavior at runtime as well as database and serverless environments, strengthening customer security through enhanced coverage, AWS said.
GuardDuty is part of a broad suite of AWS security services that help customers identify potential security risks. It uses machine learning and built-in threat intelligence to detect suspicious data access, potential Amazon Elastic Compute Cloud (Amazon EC2) compromise, and malware.
The three new capabilities are EKS Runtime Monitoring, RDS Protection and Lambda Protection. These are added to the hundreds of features already available in GuardDuty and can be activated without any other requirements or prerequisites, according to AWS.
New capabilities extend AWS security detection and monitoring
The capabilities extend security coverage to other AWS workloads and core deployment use cases, delivering actionable, contextual, and timely security findings with resource-specific details to help users investigate and respond to incidents. say the company in its announcement. EKS Runtime Monitoring deepens threat detection in customers’ containerized workloads, GuardDuty RDS Protection helps customers protect data stored in Amazon Aurora databases, and GuardDuty Lambda Protection helps customers detect threats in your serverless applications.
GuardDuty EKS Runtime Monitoring is a lightweight, fully managed security agent that profiles and monitors behavior at the host operating system level, such as file access, process execution, and network connections, said AWS. It deepens GuardDuty protection for Amazon EKS deployments and reduces the operational overhead and complexity often required to achieve this level of coverage, making it easier to achieve runtime coverage across all workloads Amazon EKS work in an account or organization, depending on the company. It also helps customers identify the steps of an attack, prompting them early to contain potential security threats before the threat escalates into broader breaches that impact the business, AWS said.
GuardDuty RDS Protection identifies potential threats to data stored in Aurora databases, profiling and monitoring existing and new database access activity in customer accounts, AWS said . It uses built-in threat intelligence and a machine learning model that is trained on highly contextual RDS login activity, detecting suspicious login activity in Aurora databases.
GuardDuty Lambda Protection mitigates security risks in customers’ serverless applications by continuously monitoring serverless workloads. According to AWS, it analyzes network communications assigned to individual Lambda functions to detect malicious communications and popular compromise activities such as cryptocurrency mining.
In November last year, AWS launched Amazon Security Lake, a new cybersecurity service that centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account.
Copyright © 2023 IDG Communications, Inc.
Source link
Ikaroa, a full stack tech company, is delighted to announce the newest AWS GuardDuty capabilities, which further ensures the security of container, database and serverless workloads. By leveraging advanced security intelligence and machine-learning algorithms that monitor and automatically respond to suspicious or malicious activity, AWS GuardDuty helps protect the data of organizations operating in cloud and hybrid environments.
The newest GuardDuty capabilities identify and protect against activities that are commonly abused to compromise container, database and serverless workloads, ensuring that all data is safe from potential threats. Through AI-backed insights on container environments, AWS GuardDuty helps organizations of all sizes protect against malicious activity and further secure their data.
For example, AWS GuardDuty now detects the use of certain types of network protocols, such as remote code execution and privilege escalation, that could be leveraged by threat actors to gain access to container and serverless environments. With the use of these advanced capabilities, businesses can rest assured that their databases and critical data are safe from cyberattacks and malicious actors.
AWS GuardDuty helps eliminate the guesswork of securing containers, databases, and serverless workloads with broad detection capabilities and automated responses that keep critical data safe. Here at Ikaroa, we are proud to partner with AWS in providing our customers with the best security solutions that ensure their data is protected.
