Amazon Macie is the newest security service powered by Artificial Intelligence launched by AWS that uses machine learning to identify, categorize, and secure your sensitive data that is stored in S3 buckets. It continuously monitors your data and sends alerts when it detects an anomaly in the usage or access patterns. It uses templated Lambda functions for either sending alerts, revoking unauthorized access, or resetting password policies upon detecting suspicious behavior.
As of now, Amazon Macie supports S3 and CloudTrail with the support for more services such as EC2, DynamoDB, RDS, Glue is planned in the near future. Let us look at two important features of Amazon Macie.
Amazon Macie allows you to discover and classify sensitive data along with analyzing usage patterns and user behavior. It continuously monitors newly added data to your existing data storage.
It uses artificial intelligence to understand and analyze usage patterns of existing data in the AWS environment. It understands data by using the Natural Language Processing (NLP) method.
It will classify sensitive data and prioritize it according to your unique organizational data access patterns. You can use it to create your own alerts and policy definitions for securing your data.
Amazon Macie allows you to be proactively compliant with security and achieve preventive security. It enables you to discover, classify, and secure multiple data types such as personally identifiable information, protected health information, compliance documents, audit reports, encryption keys, API keys, and so on.
You can audit instantly by verifying compliance with logs that are automated. All the changes to ACL and security policies can be identified easily. You can configure actionable alerts to detect changes in user behavior.
You can also configure notifications when your protected data leaves the secured zone. You can detect events when an unusual amount of sensitive data is shared either internally or externally.