Difference between revisions of "Amazon GuardDuty S3 protection"

From wikieduonline
Jump to navigation Jump to search
 
(10 intermediate revisions by the same user not shown)
Line 3: Line 3:
  
 
* User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel
 
* User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel
 +
 +
== Capabilities ==
 +
* Requests coming from unusual geolocations <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref>
 +
* Disabling of preventative controls <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref>
 +
* [[API]] call patterns consistent with an attempt to discover misconfigured bucket permissions <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref>
 +
* GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible
 +
 +
 +
== Related ==
 +
* [[AWS IAM Access Analyzer]] ([[AWS timeline|Dec 2019]]) <ref>https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/</ref>
 +
* [[Amazon Detective]] ([[AWS timeline|Mar 2020]]) <ref>https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/</ref>
 +
* [[Amazon Macie]]
 +
* [[Amazon EventBridge]]
  
 
== See also ==
 
== See also ==
 +
* {{aws guardduty}}
 
* {{AWS GuardDuty}}
 
* {{AWS GuardDuty}}
 
* {{AWS security}}
 
* {{AWS security}}
* {{S3}}
+
 
  
 
[[Category:AWS]]
 
[[Category:AWS]]

Latest revision as of 04:27, 6 June 2024

Amazon GuardDuty S3 protection (Jul 2020) [1]


Capabilities[edit]

  • Requests coming from unusual geolocations [2]
  • Disabling of preventative controls [3]
  • API call patterns consistent with an attempt to discover misconfigured bucket permissions [4]
  • GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible


Related[edit]

See also[edit]

  • https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/
  • https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/
  • Advertising: