Fending Off Cyberattacks
Channel Futures: What sorts of cyber threats is AWS facing? Is it constant?
AWS’ Mark Ryland: We run these public APIs on the internet, so there’s constant probing and attacking going on. We deal a lot with the distributed denial of service (DDoS) issues, which being a very large infrastructure provider, of course we’re seeing the impact of that. But also from the start, we’re building and engineering our capability, and our networking facilities and presence to deal with that effectively. So actually many customers come to the cloud precisely because we can actually help defend them much more successfully, because of our scale, than they could do on their own or with a smaller hosting provider. So that’s a good example.
We also run a lot of telemetry and sensors that are looking for the kind of routine attacks that you see constantly, trying to measure those, looking for new types of malware, analyzing those and building protections into our security services. We have a service called the Web Application Firewall or WAF, and we’re constantly improving the WAF protections by actually running sensors that look for attacks and analyze those, and automatically then generate new protections that customers can benefit from. So it’s a … full closed loop of both looking for the kind of typical malware and probing attackers, analyzing what they’re doing, and then adding protections to either our Guard Duty service, which gives you indications of potential problems in your environment, or our WAF service, which actively protects you from those exact attacks.
