Announced at the previous re:Invent, AWS IoT Defender is now available for use. As previously mentioned, AWS IoT Defender is a fully managed service that audits and analyses your connected devices and detects possible intrusions. Finally, it also recommends ways to mitigate the threats. You may use it to cover a wide array of devices.
AWS IoT Defender audits your linked devices by running tests based on security best practices. You may run these audits on a schedule or on demand.
The Defender investigates network connections, outbound packet and byte counts, destination IP addresses, inbound and outbound message rates, authentication failures, etc.
The IoT Defender looks for:
- Imperfect Configurations – IoT Defender spots revoked or expired certificates, certificates shared across many devices, and duplicate identifiers.
- AWS Issues – Defender identifies such problems as weak IoT policies, Cognito IDs with permissive access, and disabled logging.
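The certificate and identifier findings listed above can be pictured as checks over a device inventory. The following is an added example, not AWS code and not how the service is implemented; the record fields, finding names and inventory data are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Constructed inventory, one record per device registration (not real data).
DEVICES = [
    {"client_id": "pump-01", "cert_id": "cert-a", "cert_status": "ACTIVE", "not_after": "2031-01-01"},
    {"client_id": "pump-02", "cert_id": "cert-a", "cert_status": "ACTIVE", "not_after": "2031-01-01"},
    {"client_id": "valve-07", "cert_id": "cert-b", "cert_status": "REVOKED", "not_after": "2030-06-30"},
    {"client_id": "meter-11", "cert_id": "cert-c", "cert_status": "ACTIVE", "not_after": "2017-03-15"},
    {"client_id": "meter-11", "cert_id": "cert-d", "cert_status": "ACTIVE", "not_after": "2032-09-01"},
]


def audit(devices, now):
    """Return {finding name: sorted offending ids} for the four checks."""
    clients_by_cert = defaultdict(set)   # cert_id -> client ids presenting it
    certs_by_client = defaultdict(set)   # client_id -> certs registered to it
    revoked, expired = set(), set()
    for d in devices:
        clients_by_cert[d["cert_id"]].add(d["client_id"])
        certs_by_client[d["client_id"]].add(d["cert_id"])
        if d["cert_status"] == "REVOKED":
            revoked.add(d["cert_id"])
        not_after = datetime.strptime(d["not_after"], "%Y-%m-%d").replace(tzinfo=timezone.utc)
        if not_after <= now:
            expired.add(d["cert_id"])
    return {
        # A revoked or expired certificate still attached to a device.
        "revoked_certificate": sorted(revoked),
        "expired_certificate": sorted(expired),
        # One certificate used by more than one device identity.
        "shared_certificate": sorted(c for c, ids in clients_by_cert.items() if len(ids) > 1),
        # One identifier claimed by more than one certificate.
        "duplicate_identifier": sorted(i for i, cs in certs_by_client.items() if len(cs) > 1),
    }


if __name__ == "__main__":
    # Fixed reference time so the output is reproducible.
    for name, ids in audit(DEVICES, datetime(2024, 1, 1, tzinfo=timezone.utc)).items():
        print(f"{name}: {ids}")
```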
Should the Defender find any issues, it will inform users via the AWS IoT Console, through CloudWatch metrics, or even through SNS notifications.
AWS IoT Defender is now available in the following regions: US East (N. Virginia), US West (Oregon), US East (Ohio), EU (Ireland), EU (Frankfurt), EU (London), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), and Asia Pacific (Seoul). Pricing is monthly per device and per monitored datapoint.
AWS aims to keep users safe and secure in the cloud. If you would like to learn how to apply it to your enterprise, contact us today at PolarSeven.