Category: Amazon Detective

In this post, the first in a two-part series, we focus on the detection and forensic readiness side of satellite IR. This post walks through instrumenting your ground segment with Amazon Web Services (AWS) security services and AWS Ground Station so that threats surface before they cause damage, and forensic data is already flowing when an incident occurs.

This blog covers what to do when those detections fire. Satellite incident response (IR) must account for constraints that ground-based systems never face: containment actions that wait for the next orbital pass, decisions that trade mission continuity against security, and recovery procedures where the compromised endpoint cannot be physically accessed. It walks through containment, eradication, recovery, automated runbooks, and tabletop exercises designed for satellite operations teams.

In this post, we demonstrate how to use the advanced malware detection features of Amazon GuardDuty to uncover malicious and suspicious files compromising your Amazon Elastic Compute Cloud (Amazon EC2) instances. We use the investigative capabilities of Amazon Detective to gain deeper insights into the security event. After the key questions about the security event are addressed, we outline steps to remediate the potentially compromised EC2 instance.

This post is part three of a four-part series that addresses how a Cloud Center of Excellence (CCoE) can be a viable solution to address the challenges of digital transformation. In this post, we address the three technical perspectives of the Amazon Web Services Cloud Adoption Framework (AWS CAF). While the business, organizational, and governance perspectives of the AWS CAF are crucial, the CCoE must also focus on the technical capabilities required to build and operate a cloud environment that meets the organization’s needs.

Amazon Web Services (AWS) is continuing its collaboration with Defending Digital Campaigns (DDC) to offer more than 20 cybersecurity-related AWS services for low-to-no cost to all active and registered national party committees and federal candidate campaigns.