- Finally, a wireless microphone that effectively replaces my Shure shotgun when traveling
- I ditched my smartphone for this E Ink handset for two weeks, and it rewired my brain
- Blue Shield of California Data Breach Affects 4.7 Million Members
- Slowdown in AWS data center leasing plans poses little threat to CIOs
- Nvidia's 70+ projects at ICLR show how raw chip power is central to AI's acceleration
How AWS secures its infrastructure with Sonaris

David Vance, a senior analyst from ESG Global, offers an explanation, and it has to do with MadPot, the network of honeypots AWS has built into the system.
“Since Sonaris leverages a tremendous amount of threat intelligence gathered from AWS’ threat sensor framework, called MadPot, I believe it can be an effective front-line tool to defend against many different types of AWS attacks going forward,” he said.
This makes sense considering the first-hand threat intelligence AWS commands from its vast infrastructure and how that, coupled with some external telemetry, can be factoring into Sonaris’ ability to sniff out unauthorized attempts at access.
“Once unauthorized traffic is detected, Sonaris connects to AWS services like Amazon GuardDuty, AWS WAF and AWS Shield to automatically and preemptively block malicious access to customer resources and data hosted on AWS,” Vance added, furthering AWS’ case for a fully rounded capability. “It can also detect and alert if customer accounts are accessed by unauthorized users using compromised IAM access keys.”
A new revenue stream?
Despite a strong commercial potential, interestingly, Sonaris has not been packaged into a public facing offering.
Betz said AWS has no plans to turn Sonaris into a commercial offering, though.