Difference between revisions of "Amazon GuardDuty S3 protection"

From wikieduonline
Jump to navigation Jump to search
 
Line 12: Line 12:
  
 
== Related ==
 
== Related ==
* [[AWS IAM Access Analyzer]]
+
* [[AWS IAM Access Analyzer]] ([[AWS timeline|Dec 2019]]) <ref>https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/</ref>
 
* [[Amazon Detective]] ([[AWS timeline|Mar 2020]]) <ref>https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/</ref>  
 
* [[Amazon Detective]] ([[AWS timeline|Mar 2020]]) <ref>https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/</ref>  
 
* [[Amazon Macie]]
 
* [[Amazon Macie]]

Latest revision as of 04:27, 6 June 2024

Amazon GuardDuty S3 protection (Jul 2020) [1]


Capabilities[edit]

  • Requests coming from unusual geolocations [2]
  • Disabling of preventative controls [3]
  • API call patterns consistent with an attempt to discover misconfigured bucket permissions [4]
  • GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible


Related[edit]

See also[edit]

  • https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/
  • https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/
  • Advertising: