Difference between revisions of "Amazon GuardDuty S3 protection"

From wikieduonline
Jump to navigation Jump to search
Line 4: Line 4:
 
* User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel
 
* User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel
  
 
+
== Capabilities ==
 
* Requests coming from unusual geolocations <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref>
 
* Requests coming from unusual geolocations <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref>
 
* Disabling of preventative controls <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref>
 
* Disabling of preventative controls <ref>https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/</ref>

Revision as of 07:47, 23 November 2021

Amazon GuardDuty S3 protection (Jul 2020) [1]


Capabilities

  • Requests coming from unusual geolocations [2]
  • Disabling of preventative controls [3]
  • API call patterns consistent with an attempt to discover misconfigured bucket permissions [4]
  • GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible


See also

  • https://aws.amazon.com/blogs/aws/new-using-amazon-guardduty-to-protect-your-s3-buckets/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • https://aws.amazon.com/blogs/security/top-10-security-best-practices-for-securing-data-in-amazon-s3/
  • Advertising: