How AWS uses active defense to help protect customers from security threats

Security Blog

This article discusses how AWS uses an active defense system called Sonaris to protect customers from security threats in real-time. Sonaris detects and automatically restricts unauthorized scanning activities and attempts to access misconfigured AWS services like S3 buckets.

Specifically, the article covers:

AWS's commitment to security and proactive threat mitigation for customers
How Sonaris integrates AWS network telemetry and threat intelligence to identify malicious activities
Measurable results of Sonaris, such as blocking billions of abuse attempts and malware scans
Details on how Sonaris detects threats using machine learning and restricts activities via AWS services like Shield and WAF
Real-world example of Sonaris protecting against the Dota3 botnet
AWS's ongoing efforts to make the internet safer through security innovations like Sonaris

Go to article

The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Jun 16
2025

How AWS improves active defense to empower customers

Jun 17
2025

AWS Network Firewall launches support for active threat defense

Nov 18
2025

Active threat defense now enabled by default in AWS Network Firewall

Aug 5
2024

How AWS tracks the cloud’s biggest security threats and helps shut them down

The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

How AWS uses active defense to help protect customers from security threats

Related articles