Amazon Detective

Analyze and visualize security data to investigate potential security issues

Try a 30-day free trial

How it works

Amazon Detective simplifies the investigative process and helps security teams conduct faster and more effective investigations. With the Amazon Detective prebuilt data aggregations, summaries, and context, you can quickly analyze and determine the nature and extent of possible security issues.

Diagram showing how Amazon Detective investigates potential security issues.
What is Amazon Detective? (01:34)
What is Amazon Detective?
Amazon Detective automatically collects log data from your AWS resources and uses machine learning (ML), statistical analysis, and graph theory to build a dataset that you can use to conduct more efficient security investigations.

Use cases

Triage security findings

Verify or disprove suspicious findings by investigating AWS Identity and Access Management (IAM) roles, users, IP addresses, and AWS accounts.

Learn more about threat verification »

Investigate incidents with interactive visualizations

Determine the extent of malicious activity, its impact, and the underlying cause by analyzing relevant historical activities for patterns.

Learn more about investigating activity »

Track down threats

Focus on specific resources, such as Amazon Elastic Compute Cloud (EC2) instances, and review detailed visualizations of associated activities.

Learn more about discovering threats »

Scale efficiency in security investigations with generative AI

Analyze, summarize, and more rapidly comprehend threats for security investigations.

Learn more about threats »

How to get started

Explore Amazon Detective

Learn how to use Amazon Detective to investigate suspicious activity.

Contact an expert

Triage security findings, pin down threats, and investigate suspicious activity.

Learn the basics

Gain a foundational understanding of Amazon Detective.


Explore more of AWS