AWS launches GuardDuty’s latest AI/ML-powered threat detection capabilities for advanced cloud security

by Azunta Gaviola - 9 months ago


Singapore – Aiming to advance cloud security, Amazon Web Services (AWS) has recently announced updates to Amazon GuardDuty that incorporate advanced AI/ML threat detection capabilities. The new capabilities draw on the extensive cloud visibility and scale of AWS to provide improved threat detection for your applications, workloads, and data.

According to the firm, the platform now features new AI/ML capabilities that correlate security signals to identify active attack sequences in your AWS environment. These sequences may involve multiple steps taken by an adversary, including privilege discovery, API manipulation, persistence activities, and data exfiltration. 

Moreover, it also introduces new attack sequence findings and improves actionability for existing detections in areas such as credential exfiltration, privilege escalation, and data exfiltration. 

With this enhancement, GuardDuty provides composite detections that integrate data across various sources, timelines, and resources, offering a more holistic view of complex cloud attacks within one’s account.

In addition, the new capabilities further bring attack sequence findings to GuardDuty, classified as critical severity. These findings include a natural language summary describing the threat’s nature and impact, observed activities aligned with MITRE ATT&CK tactics and techniques, and prescriptive remediation steps based on AWS best practices.

In terms of functionality, GuardDuty includes new widgets on the summary page, such as (1) an overview widget showing the number of attack sequences; (2) a widget displaying findings broken down by severity; and (3) the ability to filter for top attack sequences.

The types of attack sequence findings encompass indications of potential data compromise, possibly as part of a larger ransomware attack, and detection of misuse of compromised credentials in early attack stages.

These findings further provide extensive details such as specific user actions, affected accounts and resources, extended time periods of activity, multiple signals observed over time, and tactics and techniques mapped to the MITRE ATT&CK framework.

Additionally, extended capabilities include automatic activation for all accounts in a region, availability at no extra cost in all supported commercial AWS regions, and integration with existing GuardDuty workflows, such as AWS Security Hub and Amazon EventBridge.

The firm further said that the enhancement improves cloud security by automating the detection of sophisticated attack patterns and providing actionable insights, helping security teams concentrate on mitigating critical threats effectively.
