Configuration and vulnerability analysis - Amazon IoT SiteWise
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Configuration and vulnerability analysis

IoT fleets can consist of large numbers of devices that have diverse capabilities, are long-lived, and are geographically distributed. These characteristics make fleet setup complex and error-prone. Because devices usually have limited processing power, memory, and storage, they can't always support encryption and other security measures. Also, devices often use software with known vulnerabilities. These factors make IoT fleets an attractive target for hackers and make it difficult to secure your device fleet on an ongoing basis.

Amazon IoT Device Defender addresses these challenges by providing tools to identify security issues and deviations from best practices. Use Amazon IoT Device Defender to analyze, audit, and monitor connected devices to detect abnormal behavior, and mitigate security risks. Amazon IoT Device Defender can audit device fleets to ensure they adhere to security best practices and detect abnormal behavior on devices. This makes it possible to enforce consistent security policies across your Amazon IoT device fleet and respond quickly when devices are compromised. For more information, see Amazon IoT Device Defender in the Amazon IoT Developer Guide.

If you use SiteWise Edge gateways to ingest data to the service, it's your responsibility to configure and maintain your SiteWise Edge gateway's environment. This responsibility includes upgrading to the latest versions of the SiteWise Edge gateway's system software, Amazon IoT Greengrass software, and the Amazon IoT SiteWise connector. For more information, see Configure the Amazon IoT Greengrass core in the Amazon IoT Greengrass Version 1 Developer Guide and Upgrading a connector.