Securing AWS infrastructure with Sonaris: A Closer Look

Securing AWS infrastructure with Sonaris: A Closer Look



AWS has developed a threat detection tool called Sonaris that is used to protect customers from billions of malicious attempts to access their resources each year. The detector has been in use for a few years and has blocked a significant number of attempts to scan customer data stored in Amazon S3 and discover vulnerabilities in customer servers on Amazon EC2. Sonaris works by detecting and neutralizing unauthorized access attempts to AWS resources.

Despite its impressive capabilities, Sonaris operates similarly to conventional threat detection and response solutions. However, its success lies in leveraging AWS’s threat intelligence framework, known as MadPot, to effectively defend against various types of attacks in the future. Sonaris can preemptively block malicious access and alert customers of unauthorized account accesses. While its commercial potential is strong, AWS has no plans to turn Sonaris into a public offering, opting to use it solely to protect its customers for free.

Competing cloud service providers like Google Cloud and Microsoft Azure offer similar commercial offerings, while AWS’s Sonaris remains an internal tool. By offering Sonaris for free, AWS aims to provide a competitive advantage and prioritize security for its customers. The tool is intended to strengthen AWS’s security infrastructure amid evolving and increasing threats in the cyber landscape. Sonaris plays a critical role in detecting abnormal patterns in AWS resources and continues to evolve to better protect customers from attacks.

Overall, Sonaris is a powerful threat detection tool that enhances the security of AWS resources and provides customers with a high level of protection against malicious attempts. While its commercial potential is significant, AWS prioritizes security by offering Sonaris for free to its customers as an inclusive security capability. The tool’s integration with AWS infrastructure and vast threat intelligence framework makes it a valuable asset in defending against various types of attacks.

Article Source
https://www.networkworld.com/article/2154115/how-aws-secures-its-infrastructure-with-sonaris.html/amp/