I’m a few days late on this, but I just read on the AWS blog that they launched a new service called Amazon Macie on August 14. According to the website, Macie is “a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS.” Here are a few points that stood out for me:
- It looks like S3 is the initial data store for the service, and that is welcome news based on the recent high-profile data exposures caused by misconfiguration of S3 bucket policies.
- The pricing also seems reasonable (though you always have to watch out for costs with cloud services – they can sneak up on you quickly).
- The interface looks intuitive to get started. Some AWS services are not very intuitive and take for granted that you have a lot of AWS knowledge (which is not an unfair assumption for the most part). But the Macie designers seemed to consider that the exposures on S3 might just mean that some people might not know what the heck they are doing. You still will need to know about CloudTrail and other AWS concepts.
- The Macie dashboard gives a lot of good information and doesn’t appear to be be cluttered. Another nicely designed UX so far.
- Straight from the product page: “For data classification purposes, Macie utilizes CloudTrail’s ability to capture object-level API activity on S3 objects (data events).”
- Alerting seems to be very strong. Go check out the alerting page to see what all is available (there’s a lot there).
It looks like a few high-profile AWS customers are already using it (edmunds, Netflix, and Autodesk are the examples included in the marketing info), so AWS has done some due diligence with vetting this out. Machine learning is becoming more and more a norm in our lives these days, and the use cases are proving themselves out in a lot of cases. With so many different customers that could potentially use this with so many different kinds of data, it will be interesting to see some case studies come out over time to see if machine learning can be applied here with high success. I predict it will be successful and highly utilized.
This is a Security Bloggers Network syndicated blog post authored by Michael Farnum. Read the original post at: An Information Security Place