AWS Launches New Cybersecurity Services
30.11.2017 securityweek  Cyber
Amazon Web Services (AWS) announced this week at its AWS re:Invent conference the launch of several new cybersecurity services, including for threat detection, IoT security, and secure communications for Virtual Private Cloud.

Amazon GuardDuty

One of the new products is Amazon GuardDuty, an intelligent threat detection service that helps customers protect their AWS accounts and workloads by continuously looking for unauthorized and malicious activity.

Amazon GuardDuty, which can be enabled from the AWS Management Console, creates a baseline for normal account activity, and uses machine learning to identify any irregular behavior. If suspicious activity is detected, the AWS account owner is immediately notified.

The new service obtains threat intelligence from both AWS itself and third-party sources such as CrowdStrike and Proofpoint. It does not require any new hardware or software, and it can be integrated with products from Alert Logic, Palo Alto Networks, RedLock, Rapid7, Sumo Logic, Splunk and Trend Micro.

The list of organizations already using GuardDuty includes Autodesk, Netflix, Mapbox, GE, and the Financial Industry Regulatory Authority (FINRA).

AWS PrivateLink

Another new product launched this week is AWS PrivateLink, a managed service that allows developers to securely access third-party SaaS applications from their Virtual Private Cloud (VPC).

A majority of Amazon EC2 cloud instances run in VPCs these days, but using third-party SaaS applications can introduce security risks. With AWS PrivateLink, AWS allows users to initiate connections to third parties without exposing their VPC to the Internet, or connect their internal services across different VPCs and accounts.

The list of SaaS applications that support AWS PrivateLink can be found on the AWS Marketplace. Companies such as CA Technologies, Aqua Security, Dynatrace, Cisco and SigOpt have announced that they support PrivateLink.

AWS also announced the launch of several new services designed for managing, protecting and monitoring Internet of Things (IoT) devices. These are AWS IoT 1-Click, IoT Device Management, IoT Device Defender, IoT Analytics, Amazon FreeRTOS, and Greengrass ML Inference.

Three of the new IoT services help improve security. AWS IoT Device Management, which is available immediately, allows organizations to securely onboard, manage and monitor IoT devices, including applying patches and software updates.

AWS IoT Device Defender, expected to become available in the first half of 2018, monitors devices for any suspicious activity, such as traffic going to an unknown IP, and ensures that IoT systems are compliant with security policies.

Amazon FreeRTOS allows users to securely connect small, low-power devices that use the FreeRTOS operating system (e.g. light bulbs, motion sensors) to AWS cloud services. The list of microcontroller manufacturers that support Amazon FreeRTOS includes Microchip, NXP Semiconductors, STMicroelectronics, Texas Instruments, Arm, IAR, Percepio, and WITTENSTEIN.