AWS is launching a security tool to help companies recover from cyber attacks
- AWS Security Incident Response aims to address the challenge of addressing various security incidents
- It appears that the pressure on cybersecurity teams is being reduced
- Now available to AWS customers worldwide
Amazon Web Services (AWS) has launched a new service to help businesses tackle the problems of cybersecurity and cyber attacks.
AWS Security Incident Response is designed to help businesses prepare for, respond to, and recover from various security incidents, such as account takeovers, data breaches, and ransomware attacks.
AWS states that addressing various security events has become too cumbersome. Between a barrage of daily alerts, time-consuming manual reviews, coordination errors, and permissions issues, many companies struggle to stay on top of their security challenges.
Reducing the time spent
“There is an opportunity to better support customers and eliminate several points of undifferentiated burden that customers face during security events,” the blog said.
That’s why AWS introduced a tool that primarily automatically reviews security findings from GuardDuty and supports third-party tools through Security Hub to identify high-priority incidents that require immediate attention. Through automation and customer-specific information, the tool can filter and suppress security findings based on expected behavior.
Furthermore, it aims to simplify incident response by offering pre-configured notification rules and permission settings. Users get a centralized console with various features such as messaging, secure data transfer, and more. Finally, AWS Security Incident Response provides automated case history tracking and reporting, allowing IT teams to focus on remediation and recovery.
AWS Security Incident Response is now available through the AWS Management Console and service-specific APIs in 12 AWS Regions worldwide: US East (N. Virginia, Ohio), US West (Oregon), Asia Pacific (Seoul, Singapore, Sydney, Tokyo), Canada (Central) and Europe (Frankfurt, Ireland, London, Stockholm).
Incident response is critical for businesses, especially in an era of increasing cyber threats and dependence on digital infrastructure. It minimizes downtime and financial losses, protects company reputation, ensures regulatory compliance and maintains customer trust.
Via TechCrunch