« Security, Identity & Compliance

Detection and Response on AWS

Continuously detect and respond to security risks to help protect your workloads, at scale
AWS detection and response services work together to help you enhance your security posture and streamline security operations across your entire AWS environment by continuously identifying and prioritizing security risks, while integrating security practices earlier in the development lifecycle.

Protect your workloads against security risks

Continuously identify software vulnerabilities, misconfigured cloud resources, potential threats, and exposed resources, credentials, and sensitive data to external networks, to help your organization operate more securely on AWS.

Centralize monitoring to enhance visibility into potential risks

Gain improved security visibility of your entire environment by aggregating security data from AWS services and partner products across your accounts and Regions, helping you to centralize your security operations and streamline your cloud security posture monitoring.

Investigate, protect, and respond quickly to security incidents across your environment

Swiftly prioritize alerts, organize triage, and conduct root cause analysis to expediate response and remediation, helping to ensure robust protection for your critical workloads.

Unlock security innovation across hybrid environments

Normalize and combine security data from cloud and on-premises sources, gain a holistic view of your security, and leverage your preferred analytics tools to investigate and respond to events, all while retaining control and ownership of your data.
What is Detection and Response on AWS?

Get started with detection and response on AWS

Amazon GuardDuty

Protect your AWS accounts and workloads with intelligent threat detection.

AWS Security Hub

Automate AWS security checks and centralize security alerts.

Amazon Inspector

Automated and continual vulnerability management at scale.

Amazon Security Lake

Automatically centralize your security data in a few steps.

Amazon Redshift
Amazon Macie

Discover and protect your sensitive data at scale.

Amazon S3
Amazon Detective

Analyze and visualize security data to investigate potential security issues.

Use cases

Threat detection and workload protection

Defend your accounts and workloads from potential threats, streamline threat response with automation, and minimize business impact through faster remediation and recovery time.

Automated and continual vulnerability management

Automatically discover and quickly route vulnerability findings in near real time to the appropriate teams, so they can take immediate action.

Centralized monitoring and continuous cloud security posture management (CSPM)

Continuously detect and remediate cloud resource misconfigurations and compliance risks to ensure your environment is operating according to security best practices.

Unified security data management

Consolidate and analyze security-related data to facilitate broader visibility, and investigate and respond to suspicious activities and security incidents.

Discover and protect workloads and data to meet your compliance obligations

Discover and protect sensitive data and workloads to increase visibility and automate remediation of your data security risks.

Expedia logo

"Expedia needs to stay up to date with global and local compliance requirements and the ability to process, analyze, and control the vast amounts of data we generate. The AWS solution we built around Amazon Macie has helped us automate data scanning, tagging, sampling, and identification and implement rule configuration, generation of metrics, and scaling security controls. With Macie at the solution's core, we can reduce the footprint on our sensitive data. By reducing PII data, we can open up data access to our analysts while reducing exposure and, at the same time, resulting in an empowering and enriching experience for our customers."

Case studies

- Aaron Miller
Principal Engineer, Expedia Group

Learn how Expedia uses Macie for data protection at petabyte scale »

Featured content

Explore this infographic for an overview of detection and response services.

Learn more

Read this eBook for an overview of detection and response on AWS. 

Learn more

AWS security services for container threat detection (54:53)
Enhanced threat detection for Amazon EKS with Amazon GuardDuty (59:33)
Build your security data lake with Amazon Security Lake, featuring IPG (53:52)
Vulnerability management at scale drives enterprise transformation (59:34)
Continuous innovation in AWS detection and response services (56:21)

Blogs
1