Difference between revisions of "Amazon GuardDuty S3 protection"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/
↑ https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/
(Created page with " * {{AWS GuardDuty}} * {{S3}}") |
|||
(14 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | Amazon GuardDuty S3 protection ([[AWS timeline|Jul 2020]]) <ref>https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/</ref> | ||
+ | * User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel | ||
+ | == Capabilities == | ||
+ | * Requests coming from unusual geolocations <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref> | ||
+ | * Disabling of preventative controls <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref> | ||
+ | * [[API]] call patterns consistent with an attempt to discover misconfigured bucket permissions <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref> | ||
+ | * GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible | ||
+ | |||
+ | |||
+ | == Related == | ||
+ | * [[AWS IAM Access Analyzer]] ([[AWS timeline|Dec 2019]]) <ref>https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/</ref> | ||
+ | * [[Amazon Detective]] ([[AWS timeline|Mar 2020]]) <ref>https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/</ref> | ||
+ | * [[Amazon Macie]] | ||
+ | * [[Amazon EventBridge]] | ||
+ | |||
+ | == See also == | ||
+ | * {{aws guardduty}} | ||
* {{AWS GuardDuty}} | * {{AWS GuardDuty}} | ||
− | * {{ | + | * {{AWS security}} |
+ | |||
+ | |||
+ | [[Category:AWS]] |
Latest revision as of 04:27, 6 June 2024
Amazon GuardDuty S3 protection (Jul 2020) [1]
- User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel
Capabilities[edit]
- Requests coming from unusual geolocations [2]
- Disabling of preventative controls [3]
- API call patterns consistent with an attempt to discover misconfigured bucket permissions [4]
- GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible
Related[edit]
- AWS IAM Access Analyzer (Dec 2019) [5]
- Amazon Detective (Mar 2020) [6]
- Amazon Macie
- Amazon EventBridge
See also[edit]
- Amazon GuardDuty:
aws guardduty
[ list-detector | list-findings | create-detector | update-detector ]
- AWS GuardDuty, S3 protection, for EKS.
aws guardduty
, Finding type, aws-guardduty-agent EKS addon, Runtine Monitoring - AWS security, AWS Security Hub, AWS CloudTrail, Amazon GuardDuty, Amazon Detective, AWS WAF, AWS Audit Manager, Amazon Fraud Detector, Cloudsploit, AWS Certified Security - Specialty, AWS Security Assurance Services, AWS GDPR, Amazon Inspector, AWS Network Firewall, Zelkova
Advertising: