lolloj - Fotolia

Acquisition bolsters AWS security tools at scale

A quiet AWS acquisition last year could improve customers' ability to detect and respond to cyberattacks at scale through automation and machine learning.

AWS stealthily bought a security startup last year to potentially help automatically monitor customer accounts for data loss and guard against cyberattacks using machine learning.

Amazon's AWS unit acquired in the first quarter of 2016, but it's unclear exactly how the cloud provider will incorporate the security company into its AWS security tools. That is, if it's not already in there.

Fred Wang, a general partner at Trinity Ventures, a venture capital firm in Menlo Park, Calif., that backed the San Diego startup, declined to share any information on the transaction amount, but called it a "nice win" for both sides. Multiple outlets have reported the deal to be worth $19 million; parent company spent $16 million on acquisitions in the first quarter of 2016, according to filings with the U.S. Securities and Exchange Commission. AWS has not publicly acknowledged the deal, nor did it respond to multiple requests for comment.

Alex Watson, who spent a decade in the U.S. intelligence community, founded the company in 2014 and relaunched it as in 2015. The startup, which had roughly a dozen employees, describes its service as the intersection of data loss prevention and machine learning-based analytics. Its Macie product for enterprises identifies any potential "data loss leakage" of files either on premises or in the cloud, Wang said.

The company quickly accumulated some large enterprise customers with a technology that removes much of the tagging and manual setups required in more traditional data loss prevention models, Wang said.'s product applies machine learning across large data sets to figure out who or what accesses data. It then contrasts that information against a baseline to alert users of abnormal behavior. built its service on AWS; there's a natural fit with the platform in-house, Wang said.'s advanced data-aware user and entity behavior analytics can help organizations monitor sensitive data and detect exfiltration, said Neil MacDonald, a Gartner analyst. The deal brings not only data-centric monitoring and analytics expertise to AWS, but the data scientists behind, too.

"[This deal] would signal a deeper interest in security monitoring and advanced threat detection by AWS," he said.

It remains to be seen if the cloud provider will integrate the service into AWS security tools behind the scenes, offer it as a stand-alone service or if it will be part of a packaged security offering.

Amazon already offers a range of AWS security tools that include encryption and identity management services. Amazon Inspector, which became generally available in 2015, provides an automated assessment of application vulnerabilities, while AWS Config tracks and manages changes to resources. AWS Shield was added in December to protect against distributed denial-of-service attacks.

Trevor Jones is a news writer with SearchCloudComputing and SearchAWS. Contact him at [email protected].

Next Steps

Follow these best practices to secure your AWS cloud

Use AWS IAM -- and more -- to properly secure your cloud

These AWS tools can improve security posture

Dig Deeper on AWS industries and vertical markets