Amazon Web Servicesappears to be ramping up its security chops. TechCrunch has learned that the e-commerce giants cloud services group quietly acquiredcyber security firmharvest.ai.

The San Diego-based startup, co-founded by a team that includes twoformer NSA employees, uses machine learning and artificial intelligence to analyze user behavior around a companys key IP to try to identify and stop targeted attacks before valuable customer datacan be swiped.

We were alertedto the acquisition by a tipster, whosaid the purchase price for harvest.ai was$19 million a good return, considering that the startup onlyraised $2.3 million. The tipsteralso said the teams 12 employees arerelocating to Amazons Seattle headquarters.

Amazon told TechCrunch, in response to our questions about the startup, that it does not comment on rumors and speculation. Co-founders for harvest.ai, contacted about this deal, did not respond to our questions.

However, we have several pieces of evidence that point to an acquisition.

Asecond source that wishes to remain anonymous tells us the deal is closed. The source added that the value was closer to $20 million.

Seed investor, Trinity Ventures, notes harvest.aias acquired on its portfolio page butdoes not specify by whom.

Another investor in the startup, Kelly Perdew of LAsMoonshots Capital, which co-invested with Trinity in the seed round, also lists the firm as acquired by undisclosed on his LinkedIn page.

Severalformer harvest.ai software developers are already listed as employees ofAWS on their LinkedIn pages two commencing at AWS in April 2016.

None of the three co-founders list Amazon as a workplace on LinkedIn (not in publicly accessible way, at least), but weve been able to uncover evidence that two of the co-founders, Anna Zelenak and Alex Watson (who are married), in 2016 relocated to Seattle, where Amazon is headquartered. A third co-founder, Jenny Brinkley, listsAmazon as her employer on a political contributions database.

Harvest.ai had alreadybeen acustomer of AWS,featuring in its startup spotlight series, which aims to publicizethe platformto entrepreneurs who are scaling businesses with limited resources.

The startupsTwitter accountappears to have stopped tweeting in March last year the same monththere was also achange in registration for thedomain nameof its prior name. (The harvest.ai domain name registration appears to have changed in June last year.)

Harvest.aisflagship, patent-pending AI product is called MACIE Analytics. It uses AI to monitor how a customers intellectual property is being accessed in real-time, assessing who is looking at, copying or movingparticular documents, and where they are when theyre doing this, in order to identify suspicious patterns of behavior and flagpotential data breaches before theyve taken place. It bills the service as a way to combat the risk of insider attacks.

MACIE can automatically identify risk to the business of data that is being exposed or shared outside the organization and remediate based on policies in near real-time, it writes on its website.

MACIE integrates with your cloud and on-premise systems, examining patterns of logins, remote network access, access to data and documents to discover attacks and compile a comprehensive case for further review.

The startup launched its service in March 2015, when it also rebranded from its prior name of 405Labs and detailed its $2.3M seedround. According to CrunchBase, the business was founded in September 2014.(You do have to wonder if the founders inspiration came from NSA whistleblower Edward Snowden swiping all those classified documents from their ex employer, back in 2013 )

As for howAmazon may apply harvest.ai at AWS, there are a couple of areas.

The first of these is in Amazons own security-as-a-service features. AWS already offers embedded security features and tools for usersof itscloud services platform. Although there are third parties who offer security features for cloud services, Amazon has also moved into this area, given how vital it is for customers to trust itto lock down their key business assets.

And, as ever with security, its an arms race to keep on top of evolving threats, so it may be that harvest.ai was acquired to beef up those capabilities. Amazon CTO Werner Vogels has described security as one of the five supporting pillars of everyservice it builds for customers.

Last fall, for example, the company announcedAmazon Inspector: a service that analyzes a customersAWS instances and reports back with any security or compliance issues, generating a vulnerability report. A more sophisticated, AI-powered threat alert service such asharvest.ais user behavior monitoring system could similarly be incorporated into the AWSplatform itself orsoldas a standalone service.

There is also the wider area of AI and how Amazon is monetising that. While Alexa and the Amazon Echo hub are fast becoming household names, there is a second track of AI development at Amazon, at the AWS enterprise level. Last November,Amazon launched theAmazon AI platform as a way to monetize its in-houseAI smarts by making differentservices available as services to outsiders. The first three offerings wereimage recognition, text-to-speech,and voice recognition.

At thelaunch of that platform, AWSCEO Andy Jassy said: We do a lot of AI in our company. We have thousands of people dedicated to AI in our business.

Beyond harvest.ai offering another Amazon another AI-powered string for itsservices bow, the startups team of 12 will betopping up Bezos & Co.sin-house AI talent, which in itself is no small detail, as demand for AI engineers continues torun well over capacity across the tech industry.

Read more: