Amazon GuardDuty S3 protection

Amazon GuardDuty S3 protection (Jul 2020) ^[1]

• User guide: https://docs.aws.amazon.com/guardduty/latest/ug/s3_detection.html?icmpid=docs_gd_help_panel

Capabilities[edit]

• Requests coming from unusual geolocations ^[2]
• Disabling of preventative controls ^[3]
• API call patterns consistent with an attempt to discover misconfigured bucket permissions ^[4]
• GuardDuty does not process requests to objects that you have made publicly accessible, but it does alert you when a bucket is made publicly accessible

Related[edit]

• Amazon Detective
• Amazon EventBridge

See also[edit]

• Amazon GuardDuty: aws guardduty, aws guardduty list-detectors, aws guardduty list-findings
• AWS GuardDuty, Amazon GuardDuty S3 protection, aws guardduty, Finding type
• AWS security, AWS Security Hub, AWS CloudTrail, Amazon GuardDuty, Amazon Detective, AWS WAF, AWS Audit Manager, Amazon Fraud Detector, Cloudsploit, AWS Certified Security - Specialty, AWS Security Assurance Services, AWS GDPR, Amazon Inspector, AWS Network Firewall