Site icon Check Point Blog

Dome9’s Amazon GuardDuty Integration Reduces Mean Time to Threat Detection in AWS Environments

Dome9 offers a comprehensive security and compliance automation solution purpose-built for the public cloud. As an advanced AWS technology partner, we have built rich integrations with the powerful security services that AWS offers. In addition to integrating with AWS security and configuration services such as AWS Config, AWS CloudTrail and VPC flow logs, Dome9 integrates the Amazon Inspector service into its security automation framework. We talked about this integration in detail in a previous blog post. In this post, we cover Dome9’s new integration with another powerful AWS service, Amazon GuardDuty.

What is Amazon GuardDuty?

Amazon GuardDuty is an intelligent threat detection service that helps customers protect their AWS accounts and workloads by continuously monitoring account and network activity for malicious or unauthorized behavior. You can enable it with a single click and see findings within minutes.

Dome9 + Amazon GuardDuty Integration

The Dome9 Arc platform builds an entity model of a customer’s AWS environment that allows them to explore security configurations and policies. For example, this is the view of an EC2 server in Dome9 Arc.

Dome9’s integration with Amazon GuardDuty reduces your mean time to detect threats by investigating and prioritizing the alerts on your behalf. We ingest GuardDuty data along with external threat intelligence feeds to provide enhanced context around network and security configuration, IAM privileges, host vulnerabilities and threat detection. These findings are presented directly in the entity explorer view.

 

[wp_colorbox_media url=”https://dome9.com/wp-content/uploads/2018/03/etcd-1-960×469.png” type=”image” hyperlink=”https://dome9.com/wp-content/uploads/2018/03/etcd-1-960×469.png” alt=””]

Dome9 is a force multiplier for AWS, allowing organizations to use the native security capabilities of the public cloud platform more effectively at scale. Dome9 complements the powerful capabilities of the AWS platform with security and compliance orchestration that allows customers to deploy, configure and run AWS security services optimally at scale.

We are just getting started building our integration with Amazon GuardDuty. Watch this space for more updates. You can get started with a free trial of the Dome9 platform today.

Exit mobile version