Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Skip to main content

Amazon Detective
Try a 30-day free trial of Amazon Detective

Amazon Detective

Analyze and visualize security data to investigate potential security issues

Get started with Detective

What is Detective?

Amazon Detective automatically collects log data from your AWS resources and uses machine learning (ML), statistical analysis, and graph theory to build a dataset that you can use to conduct more efficient security investigations.

Benefits of Detective

Determine potential security issues through a unified view of user and resource interactions.
Save time and effort with graph models that automatically summarize security-related relationships running on AWS.
Investigate and respond to security findings with streamlined visualizations.
Accelerate security investigations with generative AI insights to more quickly comprehend threats

Use cases

Verify or disprove suspicious findings by investigating AWS Identity and Access Management (IAM) roles, users, IP addresses, and AWS accounts.

Learn more about threat verification

Determine the extent of malicious activity, its impact, and the underlying cause by analyzing relevant historical activities for patterns.

Learn more about investigating activity

Focus on specific resources, such as Amazon Elastic Compute Cloud (EC2) instances, and review detailed visualizations of associated activities.

Learn more about discovering threats

Analyze, summarize, and more rapidly comprehend threats for security investigations.

Learn more about threats