Amazon Web Services (AWS), today, announced Amazon Macie, a new security service that uses machine learning to help customers prevent data loss by automatically discovering, classifying, and protecting sensitive data in AWS.
It also made public AWS Glue, a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data into Amazon Simple Storage Service (Amazon S3), Amazon Redshift, Amazon Relational Database Service (Amazon RDS), and databases running on Amazon Elastic Compute Cloud (Amazon EC2) for query and analysis.
Amazon Macie recognizes sensitive data
Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides customers with dashboards and alerts that give visibility into how this data is being accessed or moved. The fully managed service continuously monitors data access activity for anomalies, and generates detailed alerts when it detects risk of unauthorized access or inadvertent data leaks. Today, Amazon Macie is available to protect data stored in Amazon Simple Storage Service (Amazon S3), with support for additional AWS data stores coming later this year.
“When a customer has a significant amount of content stored in Amazon S3, identifying and classifying all of the potentially sensitive data can feel a bit like finding needles in a very large haystack — especially with monitoring tools that aren’t smart enough to effectively automate what is now a very manual process,” said Stephen Schmidt, Chief Information Security Officer, Amazon Web Services.
“Amazon Macie approaches information security in a more intelligent way. By using machine learning to understand the content and user behavior of each organization, Amazon Macie can cut through huge volumes of data with better visibility and more accurate alerts, allowing customers to focus on securing their sensitive information instead of wasting time trying to find it.”
Amazon Macie can send all findings to Amazon CloudWatch Events and will support API endpoints through the AWS SDK later this year, allowing for robust interoperability with third-party solutions. Planned integrations include solutions from leading providers such as Palo Alto Networks, Splunk, Trend Micro, and more, allowing customers to easily incorporate intelligence from Amazon Macie into their existing security workflows for deeper analysis and forensics.
According to an official release, Autodesk, Edmunds.com and Netflix are few early companies using Macie.
AWS Glue is serverless
Coming back to Glue, the other service launched by AWS today, customers can create and run an ETL job with a few clicks in the AWS Management Console. Customers simply point Glue at their data stored on AWS, and Glue discovers the associated metadata (e.g. table definitions) and classifies it, generates ETL scripts for data transformation, and loads the transformed data into a destination data store, provisioning the infrastructure needed to complete the job.
Since AWS Glue is serverless, customers only pay for the compute resources they consume while executing data preparation and loading jobs.
“AWS’s scalable, reliable cloud storage, combined with our broad range of analytics services make it easier than ever for customers to collect, store, analyze, and share data,” said Raju Gulabani, Vice President, Databases, Analytics, and AI, Amazon Web Services.
“While it’s amazing to see how much analytics are being run on AWS today, many have told us that there is one piece of the equation that is still way too hard – cleaning and preparing huge volumes of data for analysis. We developed AWS Glue to eliminate much of the undifferentiated heavy lifting involved with ETL. By cataloging all of a customer’s data and automating the ETL process, AWS Glue not only takes a lot of the hassle out of analytics. It also makes it possible for customers to store their data in as many sources as they want, and very quickly start analyzing all of it with whatever AWS service they choose.”
AWS Glue is currently available in the US East (N Virginia) region and will expand to additional regions in the coming months.