Difference between revisions of "Amazon GuardDuty"

From wikieduonline
Jump to navigation Jump to search
Line 2: Line 2:
 
* [[AWS CloudTrail]] logs:
 
* [[AWS CloudTrail]] logs:
 
** CloudTrail management events: activated by default, cannot be disabled.
 
** CloudTrail management events: activated by default, cannot be disabled.
** [[S3 protection]]: S3 data events <ref>https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/</ref>
+
** [[S3 protection]]: S3 data events (Jul 2020)<ref>https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/</ref>
 
* [[VPC Flow]] Logs
 
* [[VPC Flow]] Logs
 
* [[DNS query logs]]
 
* [[DNS query logs]]

Revision as of 15:04, 22 November 2021

wikipedia:Amazon GuardDuty (Nov 2017) [1] threat detection uses


GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible

Cost


Formats

  • TXT
  • STIX
  • OTX_CSV
  • ALIEN_VAULT
  • PROOF_POINT
  • FIRE_EYE

Related

Activities

See also

  • https://aws.amazon.com/about-aws/whats-new/2017/11/announcing-amazon-guardduty-intelligent-threat-detection/
  • https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/
    • Retrieved from "https://www.wikieduonline.com/index.php?title=Amazon_GuardDuty&oldid=101156"

    Advertising: