Amazon Macie

Introduction

Amazon Macie is a data security service that discovers sensitive data using machine learning and pattern matching, provides visibility into data security risks, and enables automated protection against those risks.

Listing Findings with AWS Console

After a specific S3 bucket has been scanned for secrets and sensitive data, findings are generated and displayed in the console. Authorized users with sufficient permissions can view and list these findings for each job.

Revealing Secret

Amazon Macie provides a feature that displays detected secrets in plaintext. This helps in identifying the compromised data. However, displaying secrets in plaintext is generally not considered a best practice because of security concerns, as it can expose sensitive information.
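Because revealing a secret exposes it to whoever makes the call, it is worth monitoring who uses the feature. The following is an added example, not part of the original page: it filters CloudTrail records for the Macie API operations behind the reveal feature (`GetSensitiveDataOccurrences`, `UpdateRevealConfiguration`). The sample records, ARNs and finding IDs are constructed, and the `findingId` request field is an assumption about the record layout.

```python
import json

# Macie API operations tied to the plaintext "reveal" feature.
REVEAL_EVENTS = {"GetSensitiveDataOccurrences", "UpdateRevealConfiguration"}

# Constructed CloudTrail records, one JSON object per line (all values are made up).
SAMPLE_TRAIL = """
{"eventTime":"2025-02-10T19:08:08Z","eventSource":"macie2.amazonaws.com","eventName":"ListFindings","userIdentity":{"arn":"arn:aws:iam::111122223333:user/analyst"}}
{"eventTime":"2025-02-10T19:13:53Z","eventSource":"macie2.amazonaws.com","eventName":"GetSensitiveDataOccurrences","userIdentity":{"arn":"arn:aws:iam::111122223333:user/analyst"},"requestParameters":{"findingId":"constructed-finding-1"}}
{"eventTime":"2025-02-10T19:14:30Z","eventSource":"macie2.amazonaws.com","eventName":"UpdateRevealConfiguration","userIdentity":{"arn":"arn:aws:iam::111122223333:role/macie-admin"}}
{"eventTime":"2025-02-10T19:15:11Z","eventSource":"macie2.amazonaws.com","eventName":"GetSensitiveDataOccurrences","errorCode":"AccessDenied","userIdentity":{"arn":"arn:aws:iam::111122223333:user/intern"},"requestParameters":{"findingId":"constructed-finding-2"}}
{"eventTime":"2025-02-10T19:16:00Z","eventSource":"s3.amazonaws.com","eventName":"GetObject","userIdentity":{"arn":"arn:aws:iam::111122223333:user/analyst"}}
"""


def reveal_activity(trail_text):
    """Return one summary dict per reveal-related Macie call found in the trail."""
    hits = []
    for line in trail_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines instead of aborting
        if event.get("eventSource") != "macie2.amazonaws.com":
            continue
        if event.get("eventName") not in REVEAL_EVENTS:
            continue
        params = event.get("requestParameters") or {}
        hits.append({
            "time": event.get("eventTime"),
            "event": event["eventName"],
            "principal": (event.get("userIdentity") or {}).get("arn", "unknown"),
            "finding_id": params.get("findingId"),  # assumed field name
            "denied": bool(event.get("errorCode")),  # failed attempts matter too
        })
    return hits


if __name__ == "__main__":
    for hit in reveal_activity(SAMPLE_TRAIL):
        print(hit)
```

Denied attempts are kept in the output because repeated `AccessDenied` results on the reveal call show a principal probing for access it was not granted.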

Enumeration

```bash
# List and describe classification jobs
aws macie2 list-classification-jobs --region eu-west-1
aws macie2 describe-classification-job --job-id <Job_ID> --region eu-west-1

# Retrieve account details and statistics
aws macie2 get-macie-session --region eu-west-1
aws macie2 get-usage-statistics --region eu-west-1

# List Macie member accounts (for organizations)
aws macie2 list-members --region eu-west-1

# List findings and get detailed information about specific findings
aws macie2 list-findings --region eu-west-1
aws macie2 get-findings --finding-ids <Finding_ID> --region eu-west-1

# List and describe custom data identifiers
aws macie2 list-custom-data-identifiers --region eu-west-1
aws macie2 get-custom-data-identifier --id <Identifier_ID> --region eu-west-1

# List and detail findings filters
aws macie2 list-findings-filters --region eu-west-1
aws macie2 get-findings-filter --id <Filter_ID> --region eu-west-1
```