Bảng Tổng Hợp Các Dịch Vụ AWS: Bảo Mật, Giám Sát, Quản Lý, Phân Tích, Tối Ưu Hóa, Tuân Thủ

Security & Compliance Services

Amazon GuardDuty

What It Does: Intelligent threat detection service using ML that continuously monitors for malicious activity

Key Features:

• Machine learning-based anomaly detection
• Integrated threat intelligence
• DNS log analysis
• VPC Flow Log monitoring

Use Cases:

• Phát hiện các trường hợp bị xâm phạm(Detecting compromised instances)
• Phát hiện khai thác tiền điện tử(Cryptocurrency mining detection)
• Tấn công do thám(Reconnaissance attacks)
• Ngăn chặn đánh cắp dữ liệu(Data exfiltration prevention)

Pricing: Pay-per-use based on volume of events analyzed (CloudTrail, DNS, VPC Flow Logs)

Target Services: CloudTrail, VPC Flow Logs, DNS, S3, EKS, RDS, Lambda

Amazon Inspector

What It Does: Automated vulnerability assessment service for applications and infrastructure

Key Features:

• Continuous scanning
• Software vulnerability detection
• Network reachability analysis
• Prioritized findings

Use Cases:

• Application security assessments
• Compliance scanning
• Container image vulnerability scanning

Pricing: Pay-per-assessment for EC2 instances and container images

Target Services: EC2 instances, ECR container images, Lambda functions

Amazon Macie

What It Does: AI-powered data security service that discovers and protects sensitive data

Key Features:

• Automated data discovery
• PII detection
• Data classification
• Access pattern analysis

Use Cases:

• Data privacy compliance (GDPR, HIPAA)
• Sensitive data discovery
• Data loss prevention

Pricing: Pay-per-GB of data processed and per S3 bucket monitored

Target Services: Amazon S3 buckets and objects

AWS Security Hub

AWS Security Hub là trung tâm bảo mật tập trung của AWS, giúp bạn tổng hợp, phân tích và quản lý trạng thái bảo mật trên toàn bộ tài khoản AWS. (Centralized security posture management dashboard)

Key Features:

• Aggregates findings from multiple security services
• Compliance checks
• Automated remediation
• Custom insights

Use Cases:

• Central security operations center
• Compliance reporting
• Multi-account security management

Pricing: Pay-per-finding ingested and per compliance check

Target Services: GuardDuty, Inspector, Macie, Config, third-party tools

Amazon Security Lake

What It Does: Purpose-built data lake for security data

Key Features:

• Automatic data normalization
• OCSF format
• Centralized storage
• Query capabilities

Use Cases:

• Security analytics
• Threat hunting
• Compliance reporting
• Custom security applications

Pricing: Pay for data ingestion, storage, and queries

Target Services: CloudTrail, GuardDuty, VPC Flow Logs, third-party sources

Monitoring & Observability Services

Service	What It Does	Key Features	Use Cases	Pricing	Target Services
AWS CloudTrail	API activity logging and audit service	Comprehensive API call logging, data event tracking, insight events, multi.region trails	Compliance auditing, security analysis, operational troubleshooting, forensic investigation	Pay.per.trail and per data event recorded	All AWS services that make API calls
Amazon CloudWatch	Comprehensive monitoring and observability platform	Metrics collection, log aggregation, alarms, dashboards, application insights	Performance monitoring, resource optimization, automated scaling, troubleshooting	Pay.per.metric, log ingestion, API requests, and dashboard usage	EC2, Lambda, RDS, custom applications, on.premises
AWS X.Ray	Distributed application tracing service	End.to.end request tracing, service maps, performance analysis, error detection	Microservices debugging, performance optimization, bottleneck identification	Pay.per.trace recorded and retrieved	Lambda, EC2, ECS, Elastic Beanstalk, API Gateway