Difference between revisions of "Amazon GuardDuty S3 protection"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/
↑ https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/
(One intermediate revision by the same user not shown) | |||
Line 12: | Line 12: | ||
== Related == | == Related == | ||
− | * [[AWS IAM Access Analyzer]] | + | * [[AWS IAM Access Analyzer]] ([[AWS timeline|Dec 2019]]) <ref>https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-identity-and-access-management-access-analyzer/</ref> |
* [[Amazon Detective]] ([[AWS timeline|Mar 2020]]) <ref>https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/</ref> | * [[Amazon Detective]] ([[AWS timeline|Mar 2020]]) <ref>https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-detective-is-now-generally-available/</ref> | ||
+ | * [[Amazon Macie]] | ||
* [[Amazon EventBridge]] | * [[Amazon EventBridge]] | ||
Latest revision as of 04:27, 6 June 2024
Amazon GuardDuty S3 protection (Jul 2020) [1]
- User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel
Capabilities[edit]
- Requests coming from unusual geolocations [2]
- Disabling of preventative controls [3]
- API call patterns consistent with an attempt to discover misconfigured bucket permissions [4]
- GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible
Related[edit]
- AWS IAM Access Analyzer (Dec 2019) [5]
- Amazon Detective (Mar 2020) [6]
- Amazon Macie
- Amazon EventBridge
See also[edit]
- Amazon GuardDuty:
aws guardduty
[ list-detector | list-findings | create-detector | update-detector ]
- AWS GuardDuty, S3 protection, for EKS.
aws guardduty
, Finding type, aws-guardduty-agent EKS addon, Runtine Monitoring - AWS security, AWS Security Hub, AWS CloudTrail, Amazon GuardDuty, Amazon Detective, AWS WAF, AWS Audit Manager, Amazon Fraud Detector, Cloudsploit, AWS Certified Security - Specialty, AWS Security Assurance Services, AWS GDPR, Amazon Inspector, AWS Network Firewall, Zelkova
Advertising: