The AWS Security Incident Response platform integrates with AWS GuardDuty and third-party security tools through AWS Security Hub. Its capabilities include automated triage of security findings using customer-specific data, helping security teams focus on critical threats without being overwhelmed by high alert volumes. Pre-configured notification rules and centralized permissions streamline coordination among internal and external security stakeholders.
The platform allows organizations to establish a central account for monitoring and managing security events across their AWS environment. For findings that cannot be resolved automatically, the system generates security cases and notifies relevant stakeholders. Additionally, the service offers Identity and Access Management (IAM) tools to execute containment actions securely.
AWS’s Customer Incident Response Team (CIRT) provides 24/7 support, enabling customers to address incidents independently or collaborate with third-party vendors. Organizations can also track performance metrics like mean time to resolution (MTTR) and active cases, streamlining reporting and enhancing visibility.
Available in 12 global AWS regions, including North America, Europe, and Asia Pacific, the platform supports every phase of the incident response lifecycle, from preparation to recovery. By automating manual processes and fostering real-time communication between stakeholders, the service aims to reduce response times and minimize the impact of security breaches.
Betty Zheng, Senior Developer Advocate at AWS, emphasized the need for such a solution: “Security events are becoming more pervasive and complex. Manual investigations strain resources and can cause critical alerts to be overlooked.”
This launch underscores AWS’s commitment to strengthening cloud security and equipping organizations with tools to navigate the evolving threat landscape effectively.
Source: Cyber Magazine
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities.