Difference between revisions of "Amazon GuardDuty"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/about-aws/whats-new/2017/11/announcing-amazon-guardduty-intelligent-threat-detection/
Line 1: | Line 1: | ||
[[wikipedia:Amazon GuardDuty]] ([[AWS timeline|Nov 2017]]) <ref>https://aws.amazon.com/about-aws/whats-new/2017/11/announcing-amazon-guardduty-intelligent-threat-detection/</ref> [[threat detection]] uses | [[wikipedia:Amazon GuardDuty]] ([[AWS timeline|Nov 2017]]) <ref>https://aws.amazon.com/about-aws/whats-new/2017/11/announcing-amazon-guardduty-intelligent-threat-detection/</ref> [[threat detection]] uses | ||
− | * [[AWS CloudTrail]] logs | + | * [[AWS CloudTrail]] logs: |
+ | ** CloudTrail management events: activated by default, cannot be disabled. | ||
+ | ** [[S3 protection]]: S3 data events | ||
* [[VPC Flow]] Logs | * [[VPC Flow]] Logs | ||
* [[DNS query logs]] | * [[DNS query logs]] | ||
Line 19: | Line 21: | ||
* [[AWS CloudTrail]] management event analysis | * [[AWS CloudTrail]] management event analysis | ||
* [[Delegated Administrator]] | * [[Delegated Administrator]] | ||
− | + | ||
== Activities == | == Activities == |
Revision as of 14:32, 22 November 2021
wikipedia:Amazon GuardDuty (Nov 2017) [1] threat detection uses
- AWS CloudTrail logs:
- CloudTrail management events: activated by default, cannot be disabled.
- S3 protection: S3 data events
- VPC Flow Logs
- DNS query logs
Contents
Cost
Formats
- TXT
- STIX
- OTX_CSV
- ALIEN_VAULT
- PROOF_POINT
- FIRE_EYE
Related
- AWS CloudTrail management event analysis
- Delegated Administrator
Activities
See also
- Amazon GuardDuty:
aws guardduty
[ list-detector | list-findings | create-detector | update-detector ]
- AWS GuardDuty, S3 protection, for EKS.
aws guardduty
, Finding type, aws-guardduty-agent EKS addon, Runtine Monitoring - AWS security, AWS Security Hub, AWS CloudTrail, Amazon GuardDuty, Amazon Detective, AWS WAF, AWS Audit Manager, Amazon Fraud Detector, Cloudsploit, AWS Certified Security - Specialty, AWS Security Assurance Services, AWS GDPR, Amazon Inspector, AWS Network Firewall
Advertising: