Amazon Detective

Analyze and visualize security data to investigate potential security issues

Try a 30-day free trial

How it works

Amazon Detective simplifies the investigative process and helps security teams conduct faster and more effective investigations. With the Amazon Detective prebuilt data aggregations, summaries, and context, you can quickly analyze and determine the nature and extent of possible security issues.

Diagram showing how Amazon Detective investigates potential security issues.
什么是 Amazon Detective? (01:34)
什么是 Amazon Detective?
Amazon Detective 会自动从您的 AWS 资源中收集日志数据并使用机器学习 (ML)、统计分析和图论来构建一组关联的数据集,使您能够进行更有效的安全调查。

Use cases

Triage security findings

Verify or disprove suspicious findings by investigating AWS Identity and Access Management (IAM) roles, users, IP addresses, and AWS accounts.

Learn more about threat verification »

Investigate incidents with interactive visualizations

Determine the extent of malicious activity, its impact, and the underlying cause by analyzing relevant historical activities for patterns.

Learn more about investigating activity »

Track down threats

Focus on specific resources, such as Amazon Elastic Compute Cloud (EC2) instances, and review detailed visualizations of associated activities.

Learn more about discovering threats »

Scale efficiency in security investigations with generative AI

Analyze, summarize, and more rapidly comprehend threats for security investigations.

Learn more about threats »

How to get started

Explore Amazon Detective

Learn how to use Amazon Detective to investigate suspicious activity.

Contact an expert

Triage security findings, pin down threats, and investigate suspicious activity.

Learn the basics

Gain a foundational understanding of Amazon Detective.

更深入了解 AWS