Difference between revisions of "Amazon GuardDuty S3 protection"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
↑ https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
Line 4: | Line 4: | ||
* User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel | * User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel | ||
− | + | == Capabilities == | |
* Requests coming from unusual geolocations <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref> | * Requests coming from unusual geolocations <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref> | ||
* Disabling of preventative controls <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref> | * Disabling of preventative controls <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref> |
Revision as of 07:47, 23 November 2021
Amazon GuardDuty S3 protection (Jul 2020) [1]
- User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel
Capabilities
- Requests coming from unusual geolocations [2]
- Disabling of preventative controls [3]
- API call patterns consistent with an attempt to discover misconfigured bucket permissions [4]
- GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible
See also
- AWS GuardDuty, S3 protection, for EKS.
aws guardduty
, Finding type, aws-guardduty-agent EKS addon, Runtine Monitoring - AWS security, AWS Security Hub, AWS CloudTrail, Amazon GuardDuty, Amazon Detective, AWS WAF, AWS Audit Manager, Amazon Fraud Detector, Cloudsploit, AWS Certified Security - Specialty, AWS Security Assurance Services, AWS GDPR, Amazon Inspector, AWS Network Firewall, Zelkova
- AWS S3,
aws s3, aws s3api, aws s3control, s3:
, Amazon S3 Storage Lens, AWS S3 replication, CRR, SSR, CAR, S3 Replication Time Control (S3 RTC), Website endpoint, Amazon Macie, Versioning, Lifecycle, Encryption, logging, Amazon S3 Inventory, Amazon S3 Batch Operations, Storage Classes, Amazon S3 clients, Terraform S3, AWS canned ACLs, Directory buckets, security,PutObject
Advertising: