The Biggest Security Announcements from AWS re:Invent 2024

(deepadesigns/Shutterstock)

If you’ve been keeping up with tech news, you’ve likely seen a surge of updates from AWS re:Invent 2024 – Amazon Web Services’ (AWS) annual conference for the global cloud computing community.

Among the many announcements, AWS introduced new features and tools focused on improving cloud security.  These updates aim to help organizations better protect their data and manage risks in increasingly complex environments.

AWS introduced the AWS Security Incident Response service at re:Invent 2024 to help organizations quickly prepare for and respond to security incidents in their AWS environments. Key capabilities include integration with Amazon GuardDuty and AWS Security Hub for automated monitoring and triaging of security findings and a centralized dashboard for a more coordinated response to threats. 

Users get 24/7 access to AWS Customer Incident Response Team (CIRT) and post-incident reporting with recommended remediation actions. AWS Security Incident Response is now available in 12 AWS Regions globally. 

(Michael-Vi/Shutterstock)

“Security events are becoming more pervasive and complex for customers,” AWS shared in a news blog. “Security teams often face an overwhelming number of daily alerts, leading to potential misplaced priorities of resources and reduced effectiveness. Manual investigation of findings strains resources and may cause customers to overlook critical security alerts. 

“Additionally, coordinating responses across multiple stakeholders, managing permissions in various environments, and documenting actions complicate the process. There is an opportunity to better support customers and remove various points of undifferentiated heavy lifting that customers face during security events.”

With the launch of the AWS GuardDuty Extended Threat Detection, the company aims to further strengthen security by leveraging AI and machine learning (ML) to provide deeper insights into threats like credentials and data exfiltration. It introduces attack sequence findings, critical severity alerts, and natural language summaries mapped to the MITRE ATT&CK Framework.

AWS has also updated its Network Firewall capabilities. It can now filter networks based on the geographic location of IP addresses. This capability simplifies compliance with regional regulations and assists in mitigating risks from threats originating in particular locations. 

As organizations look to simplify their security processes, using trusted solutions is essential for better protection and less complexity. The new Amazon Security Lake Ready Specialization highlights AWS Partners who have proven that their software works with Amazon Security Lake and have successfully deployed it for customers.

(Gorodenkoff/Shutterstock)

This means that these solutions have been reviewed by AWS Partner Solutions Architects for their solid architecture and proven customer success. They either contribute to or use data from Security Lake, offering a unified approach to security.

AWS also announced the general availability of Amazon OpenSearch Service zero-ETL integration with Amazon Security Lake. Key features include querying Security Lake data directly with OpenSearch, using the Open Cybersecurity Schema Framework (OCSF) for easier analysis, and improving security monitoring with OpenSearch Dashboards.

“For time-sensitive investigations and monitoring, you can optionally boost query performance by enabling additional accelerations such as indexed views and dashboards in Amazon OpenSearch Service when you need fast and frequent access to a subset of your data,” stated AWS via a blog on this announcement. 

“These capabilities provide complete visibility into all your data stored in Security Lake, regardless of the log volume, to support security investigations, better understanding of your security posture, and gain security-relevant insights.”

Launched in 2022, the AWS Clean Rooms is a fully managed service that enables secure data collaboration and analysis without exposing sensitive information. Last year AWS enhanced the service by adding ML and differential privacy features. 

(PopTika/Shutterstock)

At re:Invent 2024, AWS expanded Clean Rooms’ capabilities to support collaboration with datasets across multiple clouds and data sources, including Snowflake and Amazon Athena. This update enables organizations to collaborate on real-time data without moving or sharing underlying datasets, simplifying the process and cutting costs.

Building on its focus on secure and innovative solutions, AWS has introduced an AI Security category within its Security Competency, aimed at helping customers identify partners with expertise in securing AI environments. 

According to AWS, these partners are validated for capabilities such as preventing data leaks, mitigating attacks, and implementing responsible AI practices. The category is designed to address the increasing security challenges posed by AI adoption. 

Related Items 

BigID Expands Capabilities with New Features to Enhance Security and Compliance

New AWS Service Lets Businesses Upload Data to Cloud From Secure Terminals

Cloud Security Alliance Introduces Comprehensive AI Model Risk Management Framework