AWS IoT Device Defender is a fully managed service that helps you secure your fleet of IoT devices. It continuously audits your IoT configurations against a set of predefined security best practices to make sure that they aren’t deviating from them. A configuration is a set of technical controls you set to help keep information secure when devices are communicating with each other and the cloud. AWS IoT Device Defender makes it easy to maintain and enforce IoT configurations, such as ensuring device identity, authenticating and authorizing devices, and encrypting device data. It sends an alert if there are any gaps in your IoT configuration that might create a security risk, such as identity certificates being shared across multiple devices or a device with a revoked identity certificate trying to connect to AWS IoT Core.
AWS IoT Device Defender also lets you continuously monitor security metrics from devices and AWS IoT Core for deviations from what you have defined as appropriate behavior for each device. If something doesn’t look right, AWS IoT Device Defender sends out an alert so you can take action to remediate the issue. For example, a spike in outbound traffic might indicate that a device is participating in a DDoS attack. AWS Greengrass and Amazon FreeRTOS automatically integrate with AWS IoT Device Defender to provide security metrics from the devices for evaluation.
AWS IoT Device Defender can send alerts to the AWS IoT Console, Amazon CloudWatch, and Amazon SNS. If you determine that you need to take an action based on an alert, you can use the AWS IoT Device Management service to take mitigating actions such as pushing security fixes.
Audit Device Configurations for Security Vulnerabilities
Continuously Monitor Device Behavior to Identify Anomalies
Receive Alerts and Take Action
How It Works
Continuous Compliance and Adoption of Security Best Practices
Attack Surface Evaluation
Threat Impact Analysis
“AWS IoT Device Defender provides device behavior monitoring that is a must-have for any IoT company that is building a secure infrastructure.”
- Franz Garsombke, CTO, Rachio
"SolarNow’s business reputation and revenue model is built on zero-tolerance of any controllable service disruption. AWS IoT Device Defender and Eseye global AnyNet Secure connectivity is the easiest, quickest and most cost-effective way for us to achieve and scale a high level of device security and anomaly detection. This protects our customers from service interruptions and SolarNow’s reputation for excellent customer service.”
- Peter Huisman, CTO, SolarNow