AWS launches security tool to help businesses recover from cyberattacks

News
By
published

AWS Security Incident Response wants to do the heavy lifting

A digital representation of a lock
(Image credit: Altalex)
  • AWS Security Incident Response aims to tackle the challenge of addressing various security incidents
  • Looks to lessen strain on cybersecurity teams
  • Available to AWS customers across the world now

Amazon Web Services (AWS) has launched a new service to help businesses address the issues of cybersecurity and cyberattacks.

AWS Security Incident Response is designed to help businesses prepare for, respond to, and recover from different security incidents such as account takeovers, data breaches, and ransomware attacks.

AWS argues addressing various security events has gotten too cumbersome. Between a flood over daily alerts, time-consuming manual reviews, errors in coordination, and problems with permissions, many businesses struggle to contain their security challenges.

Cutting down on time spent

“There is an opportunity to better support customers and remove various points of undifferentiated heavy lifting that customers face during security events,” the blog reads.

Therefore AWS introduced a tool that, first and foremost, automatically triages security findings from GuardDuty and supported third-party tools through Security Hub to identify high-priority incidents requiring immediate attention. Through automation, and customer-specific information, the tool can filter and suppress security findings based on expected behavior.

Furthermore, it aims to simplify incident response by offering preconfigured notification rules and permission settings. Users get a centralized console with different features such as messaging, secure data transfer, and more. Finally, AWS Security Incident Response offers automated case history tracking and reporting, which allows IT teams to focus on remediation and recovery.

AWS Security Incident Response is now available via the AWS management console and service-specific APIs in 12 AWS Regions globally: US East (N. Virginia, Ohio), US West (Oregon), Asia Pacific (Seoul, Singapore, Sydney, Tokyo), Canada (Central), and Europe (Frankfurt, Ireland, London, Stockholm).

Incident response is critically important for businesses, especially in an era of increasing cybersecurity threats and reliance on digital infrastructure. It minimizes downtime and financial loss, protects the business’ reputation, ensures regulatory compliance, and keeps customer trust.

Via TechCrunch

You might also like

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.