AWS has introduced three enhanced security services at AWS re:Inforce to help organizations better manage emerging threats in the gen AI era.
As organizations face increasingly sophisticated cyber threats, AWS announced a dozen new capabilities today aiming to simplify security management while providing even more comprehensive protection. Here are three of those key services:
AWS Security Hub:
AWS Security Hub helps customers identify their most critical security issues and respond quickly to reduce risks. It acts as a kind of ‘security command center,’ connecting the dots between different types of security alerts and vulnerabilities. This helps security teams quickly spot and prioritize active threats to their cloud systems. By bringing everything together into one place, Security Hub provides a clearer picture of an organization’s security status while eliminating the need to manually gather information from multiple security tools. AWS Security Hub is available in preview to AWS customers.
AWS Shield:
AWS Shield is enhancing how it protects websites and online applications by proactively finding network security configuration mistakes and weaknesses. The service now creates a map of customers’ security resources, identifying vulnerabilities to common attacks like SQL injections (when hackers try to access data through website forms) and Distributed Denial-of-Service, or DDoS, attacks (when attackers overwhelm websites with fake traffic to make them crash). AWS Shield provides an easy-to-understand dashboard that highlights issues by severity, along with step-by-step instructions for fixing problems quickly. Customers can even use Amazon Q, the most capable generative AI-powered assistant for work, to get guidance through simple conversations, rather than navigating complex security settings.
Amazon GuardDuty:
AWS announced expanded capabilities for Amazon GuardDuty Extended Threat Detection (XTD), which now protects container-based applications running on Amazon Elastic Kubernetes Service (EKS). GuardDuty connects various security signals across customers’ systems to detect sophisticated attack patterns that might otherwise go unnoticed. By monitoring EKS audit logs, runtime behavior, and AWS activity, GuardDuty can identify complex, multi-stage attacks. These improved detection capabilities allow security teams to spend less time investigating potential issues and more time addressing genuine threats, reducing the impact on business operations.
AWS now has 100% multi-factor authentication enforcement for all root users across all types of AWS accounts. The new security capabilities provide customers with deeper visibility, streamline security operations, and help protect their cloud environments more effectively.
