Feature Summary - AWS Security Incident Response User Guide

Feature Summary

Monitoring and investigation

AWS Security Incident Response rapidly reviews security alerts from Amazon GuardDuty and from third-party integrations with AWS Security Hub, reducing the number of alerts your team needs to analyze. It configures suppression rules based on your environment to reduce the low-priority alerts you need to triage and investigate.

Streamline incident response

Scale and execute incident response within minutes with relevant stakeholders, third-party services, and tools.

Self-service security solutions

AWS Security Incident Response provides APIs that you can integrate with to build your own customized security solutions.

Dashboard for visibility

Monitor and measure incident response readiness.

Security posture

Access AWS best practices and vetted tools for security assessment and rapid incident response investigation.

Expedited assistance

Connect with AWS's Customer Incident Response Team (CIRT) to investigate, contain, and receive guidance on ways to recover from security events.

Preparedness and readiness

Implement streamlined notification by setting up your incident response team, which triggers alerts to designated individuals or groups with predefined permission policies.