Amazon Web Services Posted October 17, 2022 Share Posted October 17, 2022 Starting today, Amazon Detective automatically groups related GuardDuty findings to help security analysts reduce triage time and create a more comprehensive security investigation. Detective uses machine learning (ML) to group related GuardDuty findings that in insolation may have been ignored but together show the lifecycle of an attack, which can help security analysts identify advanced threats more easily. Available under the Summary page, Detective shows groups of related GuardDuty findings with severity, all affected AWS accounts, and resources. In addition, Detective maps the evolution of findings to tactics, techniques, and procedures (TTP) from the MITRE ATT&CK framework - a well adopted framework for security and threat detection. View the full article Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.