AWS IoT Device Defender
Security management across your IoT devices and fleets
End of Support Notice
The AWS IoT Device Defender detect feature will no longer be available to new customers starting on August 31, 2026. If you would like to use the detect feature, please sign up prior to August 31, 2026. To learn about alternatives to IoT Device Defender detect, visit the documentation page. There is no change to IoT Device Defender audit availability.
Benefits
Audit the security posture of IoT resources across your device fleet to easily identify gaps and vulnerabilities.
Use machine learning (ML) models or define your own device behaviors to monitor traffic from a malicious IP or a spike in connection attempts.
Get security alerts when an audit fails or behavior anomalies are detected. Quickly take actions to minimize operational risk.
Easily mitigate security issues through built-in actions such as updating a device certificate, quarantining a group of devices, or replacing default policies.
AWS IoT Device Defender
Use cases
Implement security controls, such as authentication, authorization, and continual auditing, with various levels of strictness to comply with security best practices and monitor devices for any anomalies.
Send alarms to the AWS IoT console, Amazon CloudWatch, Amazon Simple Notification Service (SNS), and AWS IoT Device Management, and take mitigation actions such as pushing security fixes.
Detect the use of insecure network services and protocols with known security weaknesses, and plan the appropriate remediation to prevent unauthorized device access or data disclosure.
Use ML models to analyze historical device data. For example, you can continuously ingest and evaluate message size data, which can point to issues such as credential abuse.