![](\"https:\/\/sophos.files.wordpress.com\/2019\/11\/shutterstock_495781054.png\"\/)
<\/p>\nTo stop advanced cyber threats targeting public cloud data and workloads, you need to ensure your cloud resources are configured correctly \u2013 and importantly, know how they can be accessed.<\/p>\n
Cloud Optix has already transformed the way organizations address challenges around public cloud visibility and threat detection. So we\u2019re over the moon to support the latest advancements in public cloud security with the launch of Amazon Detective and AWS Identity and Access Management (IAM) Access Analyzer at AWS re:Invent 2019, which gives you a smart way to further meet these challenges.<\/p>\n
If you can\u2019t see it, you can\u2019t secure it<\/h3>\n
Cloud Optix answers a critical market need for visibility into these long-standing and risky blind spots.<\/p>\n
Artificial intelligence is used to automate detection and response of cloud architecture security vulnerabilities and misconfigurations. Security teams gain complete visibility into everything they have in the cloud and the ability to respond and remediate security risks in minutes.<\/p>\n
Available in Amazon Web Services (AWS) Marketplace<\/a>, Cloud Optix provides automatic discovery of an organization\u2019s assets across hybrid cloud environments, including AWS, native and managed Kubernetes clusters (Amazon EKS), and Infrastructure-as-Code environments.<\/p>\n Now, with the latest integrations showcased at AWS re:Invent 2019, Sophos is taking this up a notch, accelerating threat investigation with Amazon Detective, and launching the latest capabilities around IAM Access Analyzer.<\/p>\n If you\u2019re managing security over separate AWS accounts, you know how hard it is to connect the dots from different security findings. This is one way attackers get in \u2013 after all, they only need to get lucky once.<\/p>\n But, this is also where Amazon Detective comes into its own. Identifying activity such as failed logon attempts or suspicious API calls, it enables rapid investigation of patterns in behavior that is simply not possible for busy security teams to do manually.<\/p>\n But, this is also where Amazon Detective comes into its own. Identifying activity such as failed logon attempts or suspicious API calls, it connects disparate actions across your AWS accounts with ease and enables rapid investigation of patterns in behavior, which is simply not possible for busy security teams to do manually.<\/p>\n By providing detailed visualizations and analysis, Amazon Detective allows you to understand the root cause of a security finding, as well as the resources affected, so you have the context needed to decide if activities are malicious.<\/p>\n LEARN MORE: Amazon Detective and Cloud Optix \u25ba<\/a><\/p>\n<\/p><\/div>\n Who has access to my S3 buckets? Can an external account assume my IAM role and access or delete my sensitive data? Good questions\u2026 wait a minute, let me check.<\/p>\n Well, you don\u2019t have time for that, but IAM Access Analyzer does.<\/p>\n It provides a smart approach to the discovery of cross-account and external account S3 access, giving you the power to analyze hundreds or even thousands of policies across AWS environments in seconds within Cloud Optix. This provides you with the detail and context needed to quickly determine if resource policies have been misconfigured to allow unintended public or cross-account access \u2013 leaving your valuable resources or data exposed.<\/p>\nConnecting activity to spot threats sooner<\/h3>\n
Identify unintended access in seconds<\/h3>\n