Posted On: Feb 20, 2023

You can now learn to use Amazon Detective with a new self-paced workshop in AWS Workshop Studio. AWS Workshop Studio is a collection of self-paced tutorials designed to teach practical skills and techniques to solve business problems. Amazon Detective Workshop is designed to teach you how to use the primary features of Detective through a series of interactive modules that cover topics such as security alert triage, security incident investigation, and threat hunting. Together with an updated Amazon GuardDuty Workshop, you can learn how to identify security findings and more quickly analyze and determine the nature and extent of those security issues.

Detective makes it easier to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Once enabled, Detective automatically collects log data from AWS resources and uses machine learning, statistical analysis, and graph theory to build interactive visualizations to run faster and more efficient security investigations. Detective analyzes events from multiple data sources such as Amazon Virtual Private Cloud (VPC) Flow Logs, AWS CloudTrail logs, Amazon GuardDuty findings, and Amazon Elastic Kubernetes Service (EKS) audit logs to create a unified, interactive view of your resources, users, and the interactions between them. With this unified view, you can visualize all the details and context in one place to identify the underlying reasons for security findings, drill down into relevant historical activities, and quickly determine root cause.

To get started with the Detective Workshop Studio, visit Amazon Detective Workshop. You can also get started with your 30-day free trial of Detective with just a few clicks in the AWS Management console. See the AWS Regions page for all the regions where Detective is available. To learn more, visit the Amazon Detective product page