Amazon Web Services (AWS) and other vendors announced new cloud security products and features at the re:Invent 2024 conference hosted by AWS.
AWS made several announcements. It launched an incident response service designed to provide organizations with quick and effective security incident management capabilities.
The cloud giant also announced extended threat detection capabilities for Amazon GuardDuty, specifically the use of AI and ML algorithms trained at AWS scale to automatically correlate security signals from across AWS services to detect known and previously unknown attack sequences.
AWS also informed customers that Amazon OpenSearch Service zero-ETL is now integrated with Amazon Security Lake to simplify security analytics. The integration enables users to query and analyze security data in-place directly through OpenSearch, and enables the exploration of voluminous data sources that were previously cost-prohibitive to analyze.
AWS announced that Verified Access now supports secure access to resources over non-HTTP(S) protocols, enabling users to provide VPN-less secure access to corporate applications and resources, including both HTTPS and non-HTTPS, using AWS zero trust principles.
Also at re:Invent 2024, cloud security giant Wiz launched a new product designed to protect AI and cloud environments by detecting and responding to active threats in real time.
Building on the expertise gained from the acquisition of Gem Security in April, the new product, named Wiz Defend, leverages the power of the Wiz runtime sensor and the Wiz security graph to help SecOps teams detect and respond to cloud-based attacks in real time. Wiz Defend also leverages integrations with vendors such as Cribl, Exabeam, Expel, Panther Labs, ReliaQuest, Tamnoon, Tines, and Torq.
The product provides AI-generated remediation and response capabilities and the Wiz AskAI copilot helps accelerate investigation and containment.
Advertisement. Scroll to continue reading.
Sweet Security announced a competing product at AWS re:Invent: a unified cloud-native detection and response platform that provides application detection and response (ADR), cloud detection and response (CDR), and cloud workload protection platform (CWPP) capabilities.
Sweet Security has highlighted several aspects that allegedly make its platform better than Wiz Defend, including additional capabilities such as ADR, and the unification of network and L7 capabilities, which enables ideal fusing between the different layers of the cloud. Sweet claims its solution can identify session-based anomalies through in-house unique LLM models, being able to pinpoint the specific behavioral deviation.
Cloud threat detection and response company Skyhawk Security announced at AWS’s conference that its platform now includes an interactive detection and response capability that adds real-time user interaction to verify suspicious activity of both human and non-human identities that are the root cause of an alert.
Related: Google Cloud to Assign CVEs to Critical Vulnerabilities
Related: Wiz Buys Dazz for $450 Million
Related: Google Cloud Rolling Out Mandatory MFA for All Users