SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
AWS launches 'Macie', its newest machine learning security service
Wed, 16th Aug 2017

Amazon Web Services (AWS) has welcomed the newest addition to its portfolio, a machine learning security service called Amazon Macie.

So far, major global firms including Netflix and Autodesk are using the service, but now it has expanded to include Amazon Simple Storage Service (Amazon S3) customers.

The service is designed to help customers prevent data loss by automatically discovering, classifying and protecting sensitive data stored in AWS and Amazon Simple Storage Service (Amazon S3).

That sensitive data includes personally identifiable information and intellectual property. The service is able to monitor data access for anomalies and can generate alerts when it detects unauthorised access or data leaks, or when data is moved or accessed.

It is also able to customise automated remediation actions, such as password reset policies or access control list resets.

Amazon Web Services CISO Stephen Schmidt says that when sorting through massive amounts of content, identifying data manually can be like finding needles in a haystack.

“Amazon Macie approaches information security in a more intelligent way. By using machine learning to understand the content and user behaviour of each organization, Amazon Macie can cut through huge volumes of data with better visibility and more accurate alerts, allowing customers to focus on securing their sensitive information instead of wasting time trying to find it,” he explains.

Macie works by automating formerly labour-intensive processes, such as developing and updating data classifications, through machine learning techniques.

It is able to analyse where an organisation's sensitive information is located, how it is accessed, and basic properties of user authentication such as their location and time of access.

Once it forms a baseline, Macie then spots behaviour that looks out of place. This behaviour could be downloads of large amounts of source code, insecure credential storage or accidental public storage of private data.

AWS says that the Macie console is able to put the most important information front and centre, and is also able to guide users through issue resolution.

Netflix senior cloud security engineer Patrick Kelley says that with 104 million users in 190 countries, customer data security is critical.

“Netflix is the world's leading internet television network with 104 million members in over 190 countries enjoying more than 125 million hours of TV shows and movies per day. The security of our customers' data is a top priority for Netflix, and we've invested substantial resources to build tools that protect sensitive information against unauthorized access or leaks,” Kelley explains.

“Since we started using Amazon Macie, we've found that it is flexible enough to solve a range of challenges that would have previously required us to write custom code or build internal tools, such as securing PII and alerting us to access anomalies, helping us move fast with confidence.”

This week, McAfee also announced that it will make its Virtual Network Security Platform on AWS available as a free 72-hour trial for users.

“AWS covers a lot of ground, such as security of the cloud, but users are still responsible for their security in the cloud—including securing their operating systems, applications and data traffic,” comments McAfee's vice president of the network security business unit, Shishir Singh.

The company says that advanced malware can access AWS workloads through network traffic, cross-site scripting, botnets and SQL injection attacks. If one AWS virtual server is compromised, the malware can also spread to other servers.

The Virtual Network Security Platform is able to monitor an entire network segment and protect a single workload.