sb-nz logo
Story image

AWS launches 'Macie', its newest machine learning security service

16 Aug 2017

Amazon Web Services (AWS) has welcomed the newest addition to its portfolio, a machine learning security service called Amazon Macie.

So far, major global firms including Netflix and Autodesk are using the service, but now it has expanded to include Amazon Simple Storage Service (Amazon S3) customers.

The service is designed to help customers prevent data loss by automatically discovering, classifying and protecting sensitive data stored in AWS and Amazon Simple Storage Service (Amazon S3).

That sensitive data includes personally identifiable information and intellectual property. The service is able to monitor data access for anomalies and can generate alerts when unauthorised access, data leaks or when data is moved or accessed.

It is also able to customise automated remediation actions, such as password reset policies or access control list resets.

Amazon Web Services CISO Stephen Schmidt says that when sorting through massive amounts of content, identifying data manually can be like finding needles in a haystack.

 “Amazon Macie approaches information security in a more intelligent way. By using machine learning to understand the content and user behaviour of each organization, Amazon Macie can cut through huge volumes of data with better visibility and more accurate alerts, allowing customers to focus on securing their sensitive information instead of wasting time trying to find it,” he explains.

Macie works by automating formerly labour-intensive processes, such as developing and updating data classifications, through machine learning techniques.

It is able to analyse where an organisation’s sensitive information is located, how it is accessed, and basic properties of user authentication such as their location and time of access.

Once it forms a baseline, Macie then spots behaviour that looks out of place. This behaviour could be downloads of large source code amounts, unsecure credential storage or accidental public storage of private data.

AWS says that the Macie console is able to put the most important information front and centre, and is also able to guide users through issue resolution.

Netflix senior cloud security engineer Patrick Kelley says that with 104 million users in 190 countries, customer data security is critical.

“Netflix is the world’s leading internet television network with 104 million members in over 190 countries enjoying more than 125 million hours of TV shows and movies per day. “The security of our customers’ data is a top priority for Netflix, and we’ve invested substantial resources to build tools that protect sensitive information against unauthorized access or leaks,” Kelley explains.

“Since we started using Amazon Macie, we’ve found that it is flexible enough to solve a range challenges that would have previously required us to write custom code or build internal tools, such as securing PII and alerting us to access anomalies, helping us move fast with confidence.”

This week, McAfee also announced that it will make its Virtual Network Security Platform available on AWS available as a free 72-hour trial for users.

“AWS covers a lot of ground, such as security of the cloud, but users are still responsible for their security in the cloud—including securing their operating systems, applications and data traffic,” comments McAfee’s vice president of the network security business unit, Shishir Singh.

The company says that advanced malware can access AWS workloads through network traffic, cross site scripting, botnets and SQL injection attacks. If one AWS virtual server is compromised, the malware can also spread to other servers.

The Virtual Network Security Platform is able to monitor an entire network segment and protect a single workload.

Story image
Lumen launches managed security services for APAC market
The new service is designed to provide enterprise businesses with a proactive, connected security strategy to enhance threat detection and protection across endpoints. More
Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More
Story image
SOC, SIEM, SOAR and SASE define Fortinet’s Security Fabric
Cornelius Mare, Fortinet A/NZ Director, Security Solutions, deciphers the jargon and explains how an alphabet soup of integrated security services spells comprehensive protection for your network and ensures business continuity.More
Story image
Palo Alto Networks launches new SD-WAN solutions and enhancements
Palo Alto Networks has introduced two new SD-WAN appliances and enhancements to its next-generation SD-WAN solution, expanding the company’s CloudGenix SD-WAN solutions reach.More
Story image
Five Eyes nations want legal access to backdoors to fight 'illegal content'
The nations argue that encryption can make the enforcement of public safety difficult, particularly when it comes to serious problems like child exploitation. More