Amazon Web Services (AWS) has launched a new service called AWS Security Incident Response, aimed at helping businesses handle and recover from cyberattacks more efficiently.
This move comes as companies struggle with creating effective incident response plans—recent surveys show that only 60% of organizations have one in place, and just a third conduct regular drills.
AWS Security Incident Response targets threats like account takeovers, ransomware, and breaches by automating the triage of findings from Amazon GuardDuty and other third-party cybersecurity tools. The service provides a dashboard that integrates messaging, data transfer, and metrics, allowing companies to manage and resolve incidents more effectively.
One key feature is the proactive incident response, which allows AWS to monitor, investigate, and remediate findings using automated services. For findings that can’t be fixed automatically, the service creates security cases, notifying relevant personnel.
AWS differentiates itself from competitors by offering dedicated support from its own customer incident response team. The service is also integrated with other AWS security tools, making it a convenient option for businesses already using AWS services.
Currently available via the AWS management console and APIs, AWS Security Incident Response is already in use by clients such as the PGA Tour. With the global incident response market projected to grow significantly, this service positions AWS to capitalize on a rapidly expanding sector.
