Posted On: Oct 7, 2022
Amazon Detective has improved it’s search capability by adding support for case insensitivity with security findings and entities. You can now conduct security investigations without having to search for exact upper or lowercase characters. For example, if you wanted to search for “Admin” or “admin” logins, you can use either term to show results for all admin logins across data sources that store text such as AWS CloudTrail, Amazon GuardDuty findings, and Amazon EKS audit logs.
By adding support for case insensitivity, Detective makes it quicker to investigate potential security issues across your AWS workloads by only having to conduct one search that matches characters regardless of case. You do not need to do anything to take advantage of this new functionality. All Detective searches will now support case insensitivity by default. Combined with wildcard support released earlier this year, Detective makes searching easier to identify suspicious activity.
The improved search support is available today in all AWS Regions that support Detective. To learn more, see the Amazon Detective User Guide. To get started with Amazon Detective, go to the AWS Management Console and select Amazon Detective to begin your 30-day free trial.