Amazon Web Services (AWS), a subsidiary of Amazon.com, Inc., has announced three new capabilities for its threat detection service, Amazon GuardDuty, to bolster customer security through improved machine learning, anomaly detection, and integrated threat intelligence. The new features extend GuardDuty’s protection to container runtime behavior and both database and serverless environments, thus enabling businesses to react swiftly to potential security risks.
GuardDuty, a part of AWS’s comprehensive suite of security services, assists customers in identifying potential security threats, allowing their security teams to concentrate on high-priority tasks. The recently introduced capabilities are designed to provide robust protection for customer workloads, particularly in containerized, serverless, and database environments.
The first enhancement, EKS Runtime Monitoring, deepens threat detection inside containerized workloads. The second, GuardDuty RDS Protection, helps safeguard data stored in Amazon Aurora databases. Finally, GuardDuty Lambda Protection detects threats to serverless applications.
The changing cybersecurity landscape and the plethora of security tools from different vendors make integrating and scaling security detection and response across environments challenging. Additionally, the evolving workplace and threat landscape require Chief Information Security Officers (CISOs) to continuously enhance enterprise security to account for cloud adoption, remote working, and third-party infrastructure integration.
GuardDuty helps protect customers from emerging threats through ongoing innovation in machine learning, anomaly detection, and integrated threat intelligence. It uses machine learning detections trained to identify highly suspicious data access and any potential Amazon Elastic Compute Cloud (Amazon EC2) compromise. The threat detection service also comes with pre-integrated and continuously updated threat intelligence feeds from AWS and industry-leading, third-party providers such as CrowdStrike, Proofpoint, and Bitdefender.
The three new capabilities added to GuardDuty expand security coverage to other AWS workloads and core deployment use cases. These capabilities can be easily enabled organization-wide, providing actionable, contextual, and timely security findings with resource-specific details to aid quick investigation and response.
Jon Ramsey, vice president for Security Services at AWS, said, “GuardDuty’s new capabilities build on this powerful foundation to expand security detection and monitoring even further, to where customers tell us they need it most: containers’ runtime monitoring, databases, and serverless applications. We’ve now more than tripled the number of managed detections since we introduced GuardDuty.”
Prominent AWS customers, including Arctic Wolf Networks, Best Buy, GE Digital, Siemens, and cybersecurity startup Wiz, praised the new enhancements and the overall effectiveness of GuardDuty in securing their AWS workloads. GuardDuty continues to play an integral role in protecting businesses from emerging security threats, thereby fortifying their overall security posture.
To learn more about Amazon GuardDuty and its new capabilities, visit aws.amazon.com/guardduty.
本文， ”AWS 通过新的安全功能增强 GuardDuty” 首次发表于 小型企业趋势