Macie, Inspector, Rekognition, GuardDuty

Macie 

-         https://aws.amazon.com/macie/

-         fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS

-         automatically provides an inventory of Amazon S3 buckets including a list of unencrypted buckets, publicly accessible buckets, and buckets shared with AWS accounts outside those you have defined in AWS Organizations

-         applies machine learning and pattern matching techniques to the buckets you select to identify and alert you to sensitive data, such as personally identifiable information (PII). Macie’s alerts, or findings, can be searched and filtered in the AWS Management Console and sent to Amazon CloudWatch Events for easy integration with existing workflow or event management systems, or to be used in combination with AWS services, such as AWS Step Functions to take automated remediation actions

Inspector 

-         https://aws.amazon.com/inspector/

-         automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of detailed assessment reports which are available via the Amazon Inspector console or API

-         help you check for unintended network accessibility of your Amazon EC2 instances and for vulnerabilities on those EC2 instances

Rekognition

-         https://docs.aws.amazon.com/rekognition/latest/dg/what-is.html

-         makes it easy to add image and video analysis to your applications. You just provide an image or video to the Amazon Rekognition API, and the service can identify objects, people, text, scenes, and activities. It can detect any inappropriate content as well. Amazon Rekognition also provides highly accurate facial analysis, face comparison, and face search capabilities

GuardDuty

-         https://aws.amazon.com/guardduty/

-         a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3 

-         analyzes tens of billions of events across multiple AWS data sources, such as AWS CloudTrail event logs, Amazon VPC Flow Logs, and DNS logs