AWS CloudTrail launches Insights for data events to automatically detect anomalies in data access

Today, AWS extends AWS CloudTrail Insights to data events. CloudTrail Insights help you identify and respond to unusual activity associated with API call rates and API error rates in your AWS accounts. Until today, Insights worked by continuously analyzing only CloudTrail management events. Now, with today’s launch, Insights also analyzes data events, thereby strengthening your ability to quickly investigate and respond to potential security or operational issues.

Available on CloudTrail trails, Insights for data events automatically detects anomalies in data access activities, such as unexpected surges in delete Amazon S3 object API calls or increased error rates for AWS Lambda function invocations, enabling you to rapidly uncover potential security and operational issues, all without requiring you to build detection systems or export data to third-party tools.

CloudTrail Insights for data events works by establishing normal baselines for data access patterns in your AWS accounts and creates a CloudTrail event when it detects anomalies. When an unusual pattern is detected, CloudTrail provides the relevant data events from the anomaly period – helping you precisely investigate what led to the anomaly. You can configure alerts to be automatically notified when potential issues occur, enabling rapid response to potential threats or issues.

CloudTrail Insights for data events is available in all regions where AWS CloudTrail is available. To get started with CloudTrail Insights, see our documentation. Additional charges apply for Insights for data events. To learn more about pricing for this feature, visit the AWS CloudTrail pricing page.

Categories: general:products/aws-cloudtrail,marketing:marchitecture/management-and-governance

Source: Amazon Web Services

Latest Posts