Difference between revisions of "Amazon GuardDuty S3 protection"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/
↑ https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/
(No difference)
| |
Latest revision as of 04:27, 6 June 2024
Amazon GuardDuty S3 protection (Jul 2020) [1]
- User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel
Capabilities[edit]
- Requests coming from unusual geolocations [2]
- Disabling of preventative controls [3]
- API call patterns consistent with an attempt to discover misconfigured bucket permissions [4]
- GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible
Related[edit]
- AWS IAM Access Analyzer (Dec 2019) [5]
- Amazon Detective (Mar 2020) [6]
- Amazon Macie
- Amazon EventBridge
See also[edit]
- Amazon GuardDuty:
aws guardduty[ list-detector | list-findings | create-detector | update-detector ] - AWS GuardDuty, S3 protection, for EKS.
aws guardduty, Finding type, aws-guardduty-agent EKS addon, Runtine Monitoring - AWS security, AWS Security Hub, AWS CloudTrail, Amazon GuardDuty, Amazon Detective, AWS WAF, AWS Audit Manager, Amazon Fraud Detector, Cloudsploit, AWS Certified Security - Specialty, AWS Security Assurance Services, AWS GDPR, Amazon Inspector, AWS Network Firewall
Advertising:
