GuardDuty

Guard Duty is an automatic threat detection service which reviews data from supported services and attempts to identify any events outside of the 'norm' for a given AWS account or Accounts.

  • Intelligent threat detection service

  • Detects account compromise, instance compromise, malicious reconnaissance, and bucket compromise

  • Continuous monitoring for events across:

    • AWS CloudTrail Management Events

    • AWS CloudTrail S3 Data Events

    • Amazon VPC Flow Logs

    • DNS Logs

Last updated