AWS is launching a new response service to help customers respond faster to security incidents.
The impact of cyber attacks is increasing. Being able to act quickly and adequately is necessary to nip cyber attacks in the bud, but a lack of resources and/or people is precisely where the shoe pinches. With this in mind, AWS is announcing a new Security Incident Response service within its cloud.
From detection to recovery
Security Incident Response automates the processing of security notifications from Amazon GuardDuty and external threat detection tools through AWS Security Hub. The service identifies priority notifications and provides around-the-clock access to AWS experts who assist customers at all stages of the response with advice and assistance, from detection to remediation.
The service also includes automated case history, reporting, and collaboration tools. This allows organizations to respond faster and focus on recovery activities. Customers can set permissions to coordinate incidents with internal and external stakeholders. The service offers three main features:
- Automatic triage of security alerts: Security Incident Response filters and suppresses notifications based on customer information, allowing security teams to focus on critical alerts.
- Easy incident response: Customers can use a central console with integrated features such as messaging and video conferencing. Pre-set notifications and permissions simplify coordination.
- Access to self-service tools and 24/7 support: Customers are given tools for investigation and can handle incidents independently or with external partners.
AWS is making the response service available through 12 cloud regions, including four in Europe (Frankfurt, London, Stockholm, Ireland). This week, the cloud giant is hosting its annual high mass re:Invent in Las Vegas.
read also