The latest security announcements from Amazon aim to address a wide range of security issues for businesses. They include an all-in-one hand-scanning biometric system and new capabilities for its Detective security visualization tool and GuardDuty continuous monitoring solution.
Amazon One Enterprise is the most novel of the company’s announcements, which were made this week at its AWS re:Invent event in Las Vegas. One Enterprise is a palm-based identity tool for both physical and digital security — users can authenticate using a handprint, instead of carrying an access fob for building access, or using a PIN to access software resources. The idea, according to the company, is to reduce overhead from the management of standard enterprise authentication methods and eliminate many of their associated vulnerabilities. Keycards and the like can be lost or stolen, and must often be verified by other means, while PINs and passwords must be regularly changed and must be resettable when forgotten.
According to Amazon, the use of vein and palm imagery for matching is more accurate than even double iris scanning.
“The new service’s palm-recognition technology uses advanced artificial intelligence and machine learning to create a palm signature that is associated with identification credentials like a badge, employee ID, or PIN,” the company said in a press release.
Elsewhere in the security stack, Amazon added identity and access management (IAM) support for its Detective security visualization tool. This means that users can now search through user IDs and roles for indicators of compromise automatically, the company said. Moreover, a new generative AI feature can generate natural-language summaries for investigations in Detective, which Amazon said should make it easier and faster to synthesize information from the company’s numerous security platforms.
Finally, the company announced that its GuardDuty intelligent threat detection product now has the ability to detect runtime security issues in ECS clusters, whether they’re running on the AWS Fargate serverless computing platform or in EC2. Runtime security is a particularly important consideration for containerized environments, and Amazon said that the newest version of GuardDuty looks for discrete events (file access, process execution, and similar) that can indicate a runtime threat.