Amazon Detective

Analyze, investigate, and quickly identify the root cause of security findings.

Overview

Amazon Detective makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. It automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data that enables you to easily conduct faster and more efficient security investigations.

✨ Key Features

  • Automatic data collection from CloudTrail, VPC Flow Logs, EKS audit logs, and GuardDuty.
  • Interactive visualizations and behavior graphs.
  • Generative AI-powered insights and summaries.
  • Maintains up to a year of aggregated data for analysis.
  • Integration with AWS Security Hub and Amazon GuardDuty.

🎯 Key Differentiators

  • Automatically builds a behavior graph of AWS resources
  • No need to configure data sources or write complex queries
  • Visualizations are purpose-built for security investigations in AWS

Unique Value: Drastically reduces the time and effort required to investigate security findings by automatically correlating and visualizing disparate log data.

🎯 Use Cases (4)

  • Security incident investigation and root cause analysis
  • Threat hunting
  • Visualizing resource behavior and interactions
  • Triaging and understanding security findings from GuardDuty

✅ Best For

  • Investigating a GuardDuty finding to understand the full scope of a potential compromise
  • Analyzing VPC Flow Logs to trace suspicious network connections
  • Identifying the root cause of anomalous API calls

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Initial threat detection (it's designed for investigating existing findings, not generating new ones)
  • Log storage and archival (it's an analysis tool, not a log management solution)

🏆 Alternatives

  • Splunk
  • Datadog Security Platform
  • Sumo Logic

Unlike general-purpose log analysis tools that require significant effort to configure and query, Amazon Detective provides a pre-built, context-aware investigation experience specifically for AWS security events.

💻 Platforms

  • Web
  • API

🔌 Integrations

  • Amazon GuardDuty
  • AWS Security Hub
  • AWS Organizations

🛟 Support Options

  • ✓ Email Support
  • ✓ Live Chat
  • ✓ Phone Support
  • ✓ Dedicated Support (Business, Enterprise tier)

🔒 Compliance & Security

  • ✓ SOC 2
  • ✓ HIPAA
  • ✓ BAA Available
  • ✓ GDPR
  • ✓ ISO 27001
  • ✓ SSO
  • ✓ SOC 1/2/3
  • ✓ PCI DSS Level 1
  • ✓ FedRAMP
  • ✓ ISO/IEC 27001

💰 Pricing

Contact for pricing

✓ 30-day free trial
