- AWS Security Incident Response aims to tackle the challenge of addressing various security incidents
- Looks to lessen strain on cybersecurity teams
- Available to AWS customers across the world now
Amazon Web Services (AWS) has launched a new service to help businesses address the issues of cybersecurity and cyberattacks.
AWS Security Incident Response is designed to help businesses prepare for, respond to, and recover from different security incidents such as account takeovers, data breaches, and ransomware attacks.
AWS argues addressing various security events has gotten too cumbersome. Between a flood over daily alerts, time-consuming manual reviews, errors in coordination, and problems with permissions, many businesses struggle to contain their security challenges.
Cutting down on time spent
“There is an opportunity to better support customers and remove various points of undifferentiated heavy lifting that customers face during security events,” the blog reads.
Therefore AWS introduced a tool that, first and foremost, automatically triages security findings from GuardDuty and supported third-party tools through Security Hub to identify high-priority incidents requiring immediate attention. Through automation, and customer-specific information, the tool can filter and suppress security findings based on expected behavior.
Furthermore, it aims to simplify incident response by offering preconfigured notification rules and permission settings. Users get a centralized console with different features such as messaging, secure data transfer, and more. Finally, AWS Security Incident Response offers automated case history tracking and reporting, which allows IT teams to focus on remediation and recovery.
AWS Security Incident Response is now available via the AWS management console and service-specific APIs in 12 AWS Regions globally: US East (N. Virginia, Ohio), US West (Oregon), Asia Pacific (Seoul, Singapore, Sydney, Tokyo), Canada (Central), and Europe (Frankfurt, Ireland, London, Stockholm).
Incident response is critically important for businesses, especially in an era of increasing cybersecurity threats and reliance on digital infrastructure. It minimizes downtime and financial loss, protects the business’ reputation, ensures regulatory compliance, and keeps customer trust.
Via TechCrunch
You might also like
- Consolidating your incident response plan against cyber attacks
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
