Amazon Detective now supports AWS PrivateLink for private API access

Amazon Detective now supports Amazon Virtual Private Cloud (VPC) endpoints via AWS PrivateLink, enabling you to securely initiate API calls to Detective from within your VPC without requiring Internet traversal. AWS PrivateLink support for Detective is available in all AWS Regions where Detective is available (see the AWS Region table). To try the new feature, you can create a VPC endpoint for Detective through the VPC console, API, or SDK. This creates an elastic network interface in your specified subnets. The interface has a private IP address that serves as an entry point for traffic destined for Detective. You can read more about Detective’s integration with PrivateLink here.

Amazon Detective automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build interactive visualizations that enable you to conduct faster and more efficient security investigations. Detective analyzes trillions of events from multiple data sources like Amazon Virtual Private Cloud (Amazon VPC) Flow Logs, AWS CloudTrail logs, Amazon Elastic Kubernetes Service (Amazon EKS) audit logs, and findings from multiple AWS security services to create a unified, interactive view of security events. Detective also automatically groups related findings from Amazon GuardDuty, AWS Security Hub and Amazon Inspector to show you combined threats and vulnerabilities to help security analysts identify and prioritize potential high-severity security risks.

To get started, see the Amazon Detective User Guide

Categories: general:products/amazon-detective,general:products/aws-govcloud-us,general:products/aws-privatelink,marketing:marchitecture/security-identity-and-compliance

Source: Amazon Web Services

Latest Posts