Today Amazon Web Services (AWS) launched the new Amazon GuardDuty Malware Protection service, delivering agentless detection of malware on AWS workloads. <\/span><\/p>\n As a global leader in next-generation cybersecurity, we’re excited to integrate these advancements into our newly announced Cloud Native Security offering<\/a> to help automate, simplify, and enhance the detection and response to the Amazon GuardDuty Malware Protection findings.<\/span>\u00a0<\/span><\/p>\n Amazon GuardDuty Malware Protection helps detect malicious files on Amazon EC2 instances and container workloads without requiring the use of security software or agents<\/span>.\u00a0 S<\/span>uspicious GuardDuty findings initiate GuardDuty Malware Protection scans of volume snapshots of Amazon EBS volumes attached to your Amazon EC2 instance and container workloads.\u00a0<\/span><\/p>\n It offers the following benefits:<\/span>\u00a0<\/span><\/p>\n While Amazon GuardDuty Malware Protection is a great way to add additional AWS security protection, it, and GuardDuty in general, can only tell a company\u2019s security team part of an overall story. <\/span><\/p>\n Our new Cloud Native Security offering, which combines <\/span>Intercept X for Server with XDR and Cloud Optix,<\/span> integrates Amazon GuardDuty\u202f<\/span>findings into a full organizational security posture view through the Sophos Central management console.<\/span>\u00a0<\/span><\/p>\n Sophos Central provides a clear, prioritized view of<\/span> threats across your entire enterprise attack surface. <\/span>Amazon GuardDuty alerts are seamlessly integrated into this single view, as well as layering in information from numerous other AWS security services, such as Amazon Inspector, AWS CloudTrail and AWS Security Hub, IAM role anomaly detection, and workload protection agent visibility.<\/span>\u00a0<\/span><\/p>\n \u201cEase of integration with our partner and customer\u2019s systems is the true test of great security,\u201d said Scott Barlow, Sophos vice president of global MSP and cloud alliances. \u201cThat\u2019s why we\u2019ve engineered <\/span>Sophos Cloud Native Security<\/span><\/a> to integrate with Amazon Simple Notification Service, security information and event management (SIEM) solutions, widely used collaboration services, and more. Two-way integration with ticketing tools allows your teams to easily embed cloud security and compliance response into standard workflows by creating tickets from inside the Cloud Optix console for new incidents, including Amazon GuardDuty.\u201d<\/span>\u00a0<\/span><\/p>\n \u201cWe know how critical contextual data is when investigating and confidently responding to cloud security threat incidents,\u201d added Barlow.<\/span>\u00a0<\/span><\/p>\n While full-estate context is critical to understanding an attack, added capabilities through Sophos makes IT security pros jobs easier and helps them sleep better at night. <\/span><\/p>\n For example, the <\/span>Cloud Native Security feature <\/span>Activity Insights<\/span><\/a>\u00a0enhances GuardDuty alert notification services by using AI to build out a timeline of events and assign a confidence score, saving security pros invaluable incident triage time.\u00a0 <\/span><\/p>\n Sophos Cloud Native Security will also soon be able to (currently in pre-release) scan files going into or leaving S3 (Amazon Simple Storage Service) for malware, as well as optionally scanning static files, enabling scans of both types of AWS\u2019 primary storage services.\u00a0<\/span><\/p>\n Sophos Cloud Native Security also<\/span> provides telemetry from Sophos workload protection agents to add further context to threats identified by Amazon GuardDuty. Security pros can then act confidently to mitigate a threat, reducing incident mean time to resolve (MTTR).<\/span>\u00a0<\/span><\/p>\n \u201cAs an AWS Level 1 Managed Security Service Partner, we know that a proactive defense requires 24\/7 monitoring and response, but for a lot of IT teams, large and small, it\u2019s not realistic to keep a team monitoring security around the clock,\u201d added Barlow.<\/span>\u00a0<\/span><\/p>\n Available in AWS Marketplace<\/span><\/a>, <\/span>the Sophos Threat Protection, Monitoring and Response for AWS package<\/span><\/a>\u202fcombines cloud security posture management and compliance, firewall, cloud workload and endpoint protection, a number of AWS services, and the Sophos Managed Threat Response service to continuously monitor AWS environments, and analyze and triage security events. <\/span><\/p>\n This support helps companies increase the efficiency of their security programs and internal teams, pre-emptively advising on recommended next steps and acting on their behalf, if desired.<\/span>\u00a0<\/span><\/p>\n Learn more or speak with an expert to dive deeper on a specific topic at\u202f<\/span><\/b>sophos.com\/aws-mssp<\/span><\/b><\/a>.\u00a0<\/span><\/p>\n<\/p><\/div>\nWhat is Amazon GuardDuty Malware Protection?<\/h1>\n
\n
Add critical full-estate context with the new Sophos Cloud Native Security offering<\/h1>\n
Sophos enhances and extends Amazon GuardDuty capabilities<\/h1>\n
Enable Sophos 24\/7 threat protection, monitoring, and response on AWS<\/h1>\n
![](\"https:\/\/news.sophos.com\/wp-content\/uploads\/2022\/07\/sophos-cns-news-blog-image-1200x628px@2x.png\"\/)
<\/p>\n