- GuarDuty, Macie and Security Hub are used to identify potential security issues or findings
- Sometimes security findings require deeper analysis to isolate the root cause and take actions
- Amazon Detective analyzes, investigates and quickly identifies the root cause of security issues or suspicious activities using ML and graphs
- Automatically collects nad processes events from VPC Flow Logs, CloudTrail trails and GuarDuty to create an unified view
- Produces visualization with details and context to get to the root cause of the issue