Amazon IoT Device Defender logo

Amazon IoT Device Defender

AWS IoT Device Defender is a security service that lets you continuously audit your IoT configurations to detect deviations from security best practices. It also lets you detect abnormal device behavior through ML-based anomaly detection and take actions to mitigate security risks.

1 APIs 1 Capabilities 4 Features
ComplianceIoTSecurityVulnerability Management

APIs

AWS IoT Device Defender API

The AWS IoT Device Defender API provides programmatic access to security profiles, audit configurations, anomaly detection, and violation management for IoT fleet security.

Capabilities

Amazon IoT Device Defender - Iot Security Monitoring

Unified capability for Security Engineer, IoT Developer to manage security service for iot fleet auditing and anomaly detection operations.

Run with Naftiko

Features

Configuration Audit

Continuously audit IoT configurations against security best practices.

ML Anomaly Detection

Detect abnormal device behavior using machine learning models.

Security Profiles

Define expected behaviors for device metrics and receive alerts on violations.

Automated Mitigation

Automatically take actions to mitigate security violations.

Use Cases

IoT Compliance

Ensure IoT deployments meet security compliance requirements.

Threat Detection

Detect compromised devices exhibiting abnormal communication patterns.

Security Auditing

Audit IoT policies and certificates against security best practices.

Integrations

AWS IoT Core

Monitors all IoT Core device connections and policies.

Amazon CloudWatch

Sends security metrics and alerts to CloudWatch.

AWS Security Hub

Publishes IoT security findings to Security Hub.

Semantic Vocabularies

Amazon Iot Device Defender Context

102 classes · 266 properties

JSON-LD

API Governance Rules

Amazon IoT Device Defender API Rules

14 rules · 8 errors 5 warnings 1 info

SPECTRAL

Resources

🌐
Portal
Portal
🔗
Website
Website
🔗
Documentation
Documentation
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
💬
Support
Support
📰
Blog
Blog
👥
GitHubOrganization
GitHubOrganization
🌐
Console
Console
📝
SignUp
SignUp
🔗
Login
Login
🟢
StatusPage
StatusPage
🔗
Contact
Contact
🔗
SpectralRules
SpectralRules
🔗
NaftikoCapability
NaftikoCapability
🔗
NaftikoCapability
NaftikoCapability
🔗
Vocabulary
Vocabulary
🔗
JSONLD
JSONLD

Sources

Raw ↑ 
aid: amazon-iot-device-defender
name: Amazon IoT Device Defender
description: >-
  AWS IoT Device Defender is a security service that lets you continuously audit your IoT configurations to detect deviations from security best practices. It also lets you detect abnormal device behavior through ML-based anomaly detection and take actions to mitigate security risks.
type: Index
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
tags:
  - AWS
  - Compliance
  - IoT
  - Security
  - Vulnerability Management
url: >-
  https://raw.githubusercontent.com/api-evangelist/amazon-iot-device-defender/refs/heads/main/apis.yml
created: '2026-03-16'
modified: '2026-04-19'
specificationVersion: '0.19'
apis:
  - aid: amazon-iot-device-defender:aws-iot-defender-api
    name: AWS IoT Device Defender API
    description: >-
      The AWS IoT Device Defender API provides programmatic access to security profiles, audit configurations, anomaly detection, and violation management for IoT fleet security.
    humanURL: https://aws.amazon.com/iot-device-defender/
    baseURL: https://iot.amazonaws.com
    tags:
      - Compliance
      - IoT
      - Security
    properties:
      - type: Documentation
        url: https://docs.aws.amazon.com/iot/latest/developerguide/device-defender.html
      - type: OpenAPI
        url: openapi/amazon-iot-device-defender-openapi-original.yml
      - type: GettingStarted
        url: https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-getting-started.html
      - type: Pricing
        url: https://aws.amazon.com/iot-device-defender/pricing/
      - type: FAQ
        url: https://aws.amazon.com/iot-device-defender/faqs/
common:
  - type: Portal
    url: https://aws.amazon.com/iot-device-defender/
  - type: Website
    url: https://aws.amazon.com/iot-device-defender/
  - type: Documentation
    url: https://docs.aws.amazon.com/iot/latest/developerguide/device-defender.html
  - type: TermsOfService
    url: https://aws.amazon.com/service-terms/
  - type: PrivacyPolicy
    url: https://aws.amazon.com/privacy/
  - type: Support
    url: https://aws.amazon.com/premiumsupport/
  - type: Blog
    url: https://aws.amazon.com/blogs/iot/tag/aws-iot-device-defender/
  - type: GitHubOrganization
    url: https://github.com/aws
  - type: Console
    url: https://console.aws.amazon.com/iot/home#/devicedefender
  - type: SignUp
    url: https://portal.aws.amazon.com/billing/signup
  - type: Login
    url: https://signin.aws.amazon.com/
  - type: StatusPage
    url: https://health.aws.amazon.com/health/status
  - type: Contact
    url: https://aws.amazon.com/contact-us/
  - type: SpectralRules
    url: rules/amazon-iot-device-defender-spectral-rules.yml
  - type: NaftikoCapability
    url: capabilities/shared/iot-device-defender.yaml
  - type: NaftikoCapability
    url: capabilities/iot-security-monitoring.yaml
  - type: Vocabulary
    url: vocabulary/amazon-iot-device-defender-vocabulary.yaml
  - type: JSONLD
    url: json-ld/amazon-iot-device-defender-context.jsonld
  - type: Features
    data:
      - name: Configuration Audit
        description: Continuously audit IoT configurations against security best practices.
      - name: ML Anomaly Detection
        description: Detect abnormal device behavior using machine learning models.
      - name: Security Profiles
        description: Define expected behaviors for device metrics and receive alerts on violations.
      - name: Automated Mitigation
        description: Automatically take actions to mitigate security violations.
  - type: UseCases
    data:
      - name: IoT Compliance
        description: Ensure IoT deployments meet security compliance requirements.
      - name: Threat Detection
        description: Detect compromised devices exhibiting abnormal communication patterns.
      - name: Security Auditing
        description: Audit IoT policies and certificates against security best practices.
  - type: Integrations
    data:
      - name: AWS IoT Core
        description: Monitors all IoT Core device connections and policies.
      - name: Amazon CloudWatch
        description: Sends security metrics and alerts to CloudWatch.
      - name: AWS Security Hub
        description: Publishes IoT security findings to Security Hub.
maintainers:
  - FN: Kin Lane
    email: [email protected]