New capabilities expand coverage to other AWS workloads and core deployment use cases, delivering security findings with resource-specific details. Amazon Web Services (AWS) has added three new capabilities to its threat detection service Amazon GuardDuty. The new features expand GuardDuty protection to container runtime behavior, as well as database and serverless environments, strengthening customer security through enhanced coverage, AWS said.GuardDuty is part of a broad set of AWS security services that help customers identify potential security risks. It uses machine learning and integrated threat intelligence to detect suspicious data access, potential Amazon Elastic Compute Cloud (Amazon EC2) compromise, and malware.The three new capabilities are EKS Runtime Monitoring, RDS Protection, and Lambda Protection. These have been added to the hundreds of features already available within GuardDuty and can be enabled with no other requirements or prerequisites, according to AWS. New capabilities expand AWS security detection and monitoringThe capabilities expand security coverage to other AWS workloads and core deployment use cases, delivering actionable, contextual, and timely security findings with resource-specific details to help users investigate and respond to incidents, the company said in its announcement. EKS Runtime Monitoring deepens threat detection inside customers’ containerized workloads, GuardDuty RDS Protection helps customers protect data stored in Amazon Aurora databases, and GuardDuty Lambda Protection helps customers detect threats to their serverless applications. GuardDuty EKS Runtime Monitoring is a fully managed, lightweight security agent that profiles and monitors on-host operating system–level behavior such as file access, process execution, and network connections, AWS said. It deepens GuardDuty protection for Amazon EKS deployments and decreases the operational overhead and complexity often required to achieve this level of coverage, making it easier to achieve runtime coverage across all Amazon EKS workloads in an account or organization, according to the firm. It also helps customers identify steps in an attack, signaling them early to contain potential security threats before the threat escalates to broader business-impacting breaches, AWS said.GuardDuty RDS Protection identifies potential threats to data stored in Aurora databases, profiling, and monitoring access activity to existing and new databases in customer accounts, AWS said. It uses integrated threat intelligence and a machine learning model that is trained with highly contextual RDS login activity, detecting suspicious login activity to Aurora databases. GuardDuty Lambda Protection mitigates security risks in customers’ serverless applications, continuously monitoring serverless workloads. It analyzes network communications mapped back to individual Lambda functions to detect malicious communications and popular compromise activity, such as cryptocurrency mining, according to AWS.In November last year, AWS launched Amazon Security Lake, a new cybersecurity service that centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account. Related content news analysis SEC rule for finance firms boosts disclosure requirements Amendments to Regulation S-P requires broker-dealers, investment companies, registered investment advisers, and transfer agents to disclose incidents to customers. By Evan Schuman May 17, 2024 5 mins Data Breach Financial Services Industry Data Privacy feature DDoS attacks: Definition, examples, and techniques Distributed denial of service (DDoS) attacks have been part of the criminal toolbox for over twenty years, and they’re only growing more prevalent and stronger. By Josh Fruhlinger May 17, 2024 10 mins DDoS Cyberattacks news FCC proposes BGP security measures Protecting the Border Gateway Protocol is as important as protecting the border. By Gyana Swain May 17, 2024 1 min Regulation Network Security news US AI experts targeted in cyberespionage campaign using SugarGh0st RAT Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence. By Lucian Constantin May 16, 2024 4 mins Phishing Data and Information Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe