Tuesday, November 12, 2024
HomeAmazon AWSAWS Launches Mithra To Detect Malicious Domains Across Systems

AWS Launches Mithra To Detect Malicious Domains Across Systems

Published on

Malware protection

Amazon’s e-commerce platforms and cloud services form a digital ecosystem requiring a strong cybersecurity framework.

Amazon, which has a vast online presence covering multiple domains and services, is at great risk of being attacked by advanced cyber threats.

For this reason, Amazon uses an innovative mixture of the latest technologies and old security measures to protect against these vulnerabilities.

- Advertisement - SIEM as a Service

Besides this, recently, AWS launched Mithra to detect malicious domains across systems.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

AWS Launches Mithra

Detecting and responding to cyberattacks in real-time using its global cloud infrastructure is what AWS does best.

MadPot, a global honeypot network, and Mithra, a massive neural network graph model with 3.5 billion nodes, are some of the AI-based tools that it uses for this purpose.

By handling trillions of DNS requests per day, they can identify an average of 182,000 new malicious domains each day, which in most cases precedes third-party feeds by months.

As such, this high-definition threat intel can be seen in Amazon GuardDuty and other services, as well as automatically protecting millions of customers’ AWS accounts against next-gen cyber threats.

In the following ways, the Mithra can be used:-

  • Use a high-confidence list of malicious domains in GuardDuty for protection.
  • Block malicious domains and receive threat alerts with GuardDuty.
  • Reduce false positives with Mithra’s scores in third-party threat feeds.
  • Mithra’s scores can be used by the AWS security analysts for additional context in investigations.

Mithra acts like a huge pipe that swallows up data since it can process 200 trillion DNS requests each day in a single Amazon Web Services region. 

This platform, which utilizes machine learning, detects about 182,000 new malicious domains per day due to Amazon’s vast network, which handles 25% of global internet traffic. 

Mithra has built-in responses to bad signals left by attackers without human interference, which increases its efficiency. 

It also integrates with multiple AWS security services, such as WAF and Amazon GuardDuty, leading to full coverage.

Proactively protecting both customers and non-customer organizations, AWS actively uses its wealth of threat intelligence.

AWS’s affected parties are alerted to such potential compromises as vulnerabilities and misconfigured systems which AWS identifies promptly at times making them first aware of such issues.

Further details regarding the alerts include actionable recommendations like blocking specific domains, implementing security patches, or conducting forensic investigations.

That means companies can prevent attacks rather than simply reacting to events in this way.

Moreover, AWS encourages a collaborative security ecosystem that enables informed entities to share IOCs as well as attack vectors such as social engineering techniques, phishing campaigns, zero-day exploits, and remote code execution methods.

By enabling this kind of information sharing between it and other organizations in response to threats, AWS’s threat intelligence is enhanced further.

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

10 Best DNS Management Tools – 2025

Best DNS Management Tools play a crucial role in efficiently managing domain names and...

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS...

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Maximizing Agent Productivity And Security With Workforce Management Software In Contact Centers

In the bustling world of customer service, the stakes are perpetually high—every missed call...

Hackers Using AV/EDR Bypass Tool From Cybercrime Forums To Bypass Endpoints

Researchers uncovered two previously unknown endpoints with older Cortex XDR agents that used to...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...