Which service utilizes machine learning to enhance security investigations?

The correct answer is Amazon Detective because it is specifically designed to help users investigate potential security issues and anomalies by leveraging machine learning. Amazon Detective analyzes log data from other AWS services, such as Amazon CloudTrail and Amazon VPC Flow Logs, to provide insights and visualizations that make it easier to understand the security context of these logs. This machine learning component aids in identifying patterns and deviations in behavior, enabling security teams to respond more effectively to potential threats.

The other services mentioned have different primary functions. AWS Config focuses on resource configuration management and compliance monitoring rather than direct security investigation. Amazon Inspector is primarily a security assessment service that helps improve the security of applications by identifying vulnerabilities but does not focus on ongoing security investigations. AWS CloudTrail captures and records AWS account activity, providing a history of AWS API calls for auditing and monitoring purposes, but it does not utilize machine learning for enhancing investigations. Hence, Amazon Detective is well-suited for tasks aimed specifically at enhancing security investigation capabilities through advanced data analysis.