Amazon Web Services
has introduced new features for Amazon GuardDuty and Amazon Detective aimed at bolstering malware scanning and software container application security, reports SiliconAngle
With the new GuardDuty Malware Protection tool, AWS will not only be able to identify malicious activity in Windows and Linux but also determine malicious PDF documents, scripts, software installers, and other files. Automated malware scans are also launched by the tool after identifying suspicious activity.
"For example, a malware scan is triggered when an EC2 instance is communicating with a command-and-control server that is known to be malicious or is performing denial of service (DoS) or brute-force attacks against other EC2 instances," said AWS Chief Evangelist for EMEA Danilo Poccia.
Meanwhile, Amazon Detective has been updated to facilitate investigations of intrusions impacting instances on Amazon Elastic Kubernetes Service.
"Detective automatically correlates user activity using CloudTrail, and network activity using Amazon VPC Flow logs, without the need for you to enable, store, or retain logs manually," said AWS Principal Developer Advocate Channy Yun.