Amazon Launches “Macie” Security Service to Protect Data in AWS
Amazon announced this week the launch of Macie, a new security service that helps Amazon Web Services (AWS) users discover, classify and protect sensitive data.
Amazon Macie uses machine learning to automatically identify and protect personally identifiable information (PII), intellectual property and other sensitive data, and informs users of how their data is being accessed or moved via dashboards and alerts.
When deployed, Amazon Macie creates a baseline and then uses a behavior analytics engine to detect risky or suspicious activity. Customers can define automated remediation actions, including for resetting passwords and access control lists (ACLs), and create custom alert management via CloudWatch Events for integration with existing security ticketing systems.
Security and compliance events that could pose a risk are classified into 20 categories, including API keys and credentials stored in source code, high-risk data events, credentials within unencrypted backups, and various activities that could represent the early stages of an attack.
The product can be integrated with security information and event management (SIEM) and managed security service provider (MSSP) services.
Pricing for Amazon Macie is based on the amount of data that is classified, captured and analyzed. Additional fees are charged for the optional Extended Data Retention feature, which increases the metadata retention period.
The Macie console can be found in the AWS Management Console. However, the service is currently supported only in Northern Virginia and Oregon, and it can only protect data stored in Amazon Simple Storage Service (S3) buckets. Next year, Amazon plans on adding support for EC2 environments, DynamoDB, RDS, EFS and AWS Glue.
Amazon Macie has already been used by companies such as Edmunds, Netflix and Autodesk.
The launch of Amazon Macie comes after many high-profile organizations have been caught leaking sensitive data via misconfigured S3 buckets. The list of affected entities includes the United States National Geospatial-Intelligence Agency (NGA), Verizon, Dow Jones & Company, and hundreds of millions of U.S. voters.
Related: Amazon Releases New Open Source Implementation of TLS Protocol
Related: Amazon Launches Web Application Firewall for AWS
Related: Amazon Offers Free SSL/TLS Certificates
Related: Amazon Launches Security and Compliance Analysis Tool for AWS
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
Latest News
- OpenSSL Ships Patch for High-Severity Flaws
- Software Supply Chain Security Firm Lineaje Raises $7 Million
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Vulnerability Provided Access to Toyota Supplier Management Network
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- Linux Variant of Cl0p Ransomware Emerges
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
