David Vance, senior analyst of ESG Global, gives an explanation, and it is related to MadPot, a network of honeypots that AWS has built into the system.
“Since Sonaris uses a wealth of threat intelligence gathered from AWS’s threat intelligence framework, called MadPot, I believe it can be a very effective tool to protect against many different types of attacks on AWS going forward,” he said.
This makes sense considering AWS’s initial intelligence orders threatening its large infrastructure and how that, combined with external telemetry, could add leverage to Sonaris’ ability to sniff out unauthorized access attempts.
“Once unauthorized traffic is detected, Sonaris connects to AWS services such as Amazon GuardDuty, AWS WAF and AWS Shield to automatically block and prevent malicious access to customer resources and managed data in AWS,” added Vance, furthering the case of AWS to its full potential. . “It can also detect and alert when customer accounts are being accessed by unauthorized users using compromised IAM access keys.”
A new way to earn money?
Despite strong commercial potential, it is interesting that Sonaris has not been integrated into public-facing offerings.
Betz said AWS has no plans to turn Sonaris into a retail offering.
Source link