Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Amazon Unveils Machine Learning Security Service

Amazon Launches “Macie” Security Service to Protect Data in AWS

Amazon Launches “Macie” Security Service to Protect Data in AWS

Amazon announced this week the launch of Macie, a new security service that helps Amazon Web Services (AWS) users discover, classify and protect sensitive data.

Amazon Macie uses machine learning to automatically identify and protect personally identifiable information (PII), intellectual property and other sensitive data, and informs users of how their data is being accessed or moved via dashboards and alerts.

When deployed, Amazon Macie creates a baseline and then uses a behavior analytics engine to detect risky or suspicious activity. Customers can define automated remediation actions, including for resetting passwords and access control lists (ACLs), and create custom alert management via CloudWatch Events for integration with existing security ticketing systems.

Security and compliance events that could pose a risk are classified into 20 categories, including API keys and credentials stored in source code, high-risk data events, credentials within unencrypted backups, and various activities that could represent the early stages of an attack.

The product can be integrated with security information and event management (SIEM) and managed security service provider (MSSP) services.

Pricing for Amazon Macie is based on the amount of data that is classified, captured and analyzed. Additional fees are charged for the optional Extended Data Retention feature, which increases the metadata retention period.

The Macie console can be found in the AWS Management Console. However, the service is currently supported only in Northern Virginia and Oregon, and it can only protect data stored in Amazon Simple Storage Service (S3) buckets. Next year, Amazon plans on adding support for EC2 environments, DynamoDB, RDS, EFS and AWS Glue.

Amazon Macie has already been used by companies such as Edmunds, Netflix and Autodesk.

The launch of Amazon Macie comes after many high-profile organizations have been caught leaking sensitive data via misconfigured S3 buckets. The list of affected entities includes the United States National Geospatial-Intelligence Agency (NGA), Verizon, Dow Jones & Company, and hundreds of millions of U.S. voters.

Related: Amazon Releases New Open Source Implementation of TLS Protocol

Related: Amazon Launches Web Application Firewall for AWS

Related: Amazon Offers Free SSL/TLS Certificates

Related: Amazon Launches Security and Compliance Analysis Tool for AWS

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.