Amazon GuardDuty


Bookmarks How It Works GuardDuty Findings Trusted IP Lists and Threat Lists Pricing Validate Your Knowledge Amazon GuardDuty Cheat Sheet An intelligent threat detection service. It analyzes billions of events across your AWS accounts from AWS CloudTrail (AWS user and API activity in your accounts), Amazon VPC Flow Logs (network traffic data), and DNS Logs (name query patterns). How It Works GuardDuty is a regional service. Threat detection categories Reconnaissance -- Activity suggesting reconnaissance by an attacker, such as unusual API activity, intra-VPC port scanning, unusual patterns of failed login requests, or [...]