Hours later? Days? Never? We believe it should be within seconds. The same is true for any action that has security implications:
Your business has complex rules that affect its security policies. Your security solution should understand those rules.
Large accounts may see hundreds of thousands of API calls per hour. CloudSploit helps find the one API call that might compromise your account.
CloudSploit is one of the only security services that connects to CloudWatch Events. CloudWatch Events integrates with CloudTrail and serves as the notification point for every API call. Other services that only query CloudTrail Logs may take up to 10 minutes to detect new calls; Events is notified within seconds.
Bob's AWS account is experiencing an elevated level of suspicious activity from questionable IPs. Wouldn't it be great if Alice's account could be monitored for similar calls?
If Bob and Alice are both CloudSploit users, they can! CloudSploit uses its access to a massive network of events to create attack signatures in real-time and protect all of its users.
The larger the CloudSploit network grows, the more intelligent it becomes.