AWS News Blog
Category: Amazon GuardDuty
Amazon GuardDuty Now Supports Amazon EKS Runtime Monitoring
Since Amazon GuardDuty launched in 2017, GuardDuty has been capable of analyzing tens of billions of events per minute across multiple AWS data sources, such as AWS CloudTrail event logs, Amazon Virtual Private Cloud (Amazon VPC) Flow Logs, and DNS query logs, Amazon Simple Storage Service (Amazon S3) data plane events, Amazon Elastic Kubernetes Service […]
AWS Week in Review – August 1, 2022
AWS re:Inforce returned to Boston last week, kicking off with a keynote from Amazon Chief Security Officer Steve Schmidt and AWS Chief Information Security officer C.J. Moses: Be sure to take some time to watch this video and the other leadership sessions, and to use what you learn to take some proactive steps to improve […]
New for Amazon GuardDuty – Malware Protection for Amazon EBS Volumes
August 1st, 2022: Post updated to clarify how GuardDuty Malware Protection works with KMS keys. With Amazon GuardDuty, you can monitor your AWS accounts and workloads to detect malicious activity. Today, we are adding to GuardDuty the capability to detect malware. Malware is malicious software that is used to compromise workloads, repurpose resources, or gain […]
Amazon Detective Supports Kubernetes Workloads on Amazon EKS for Security Investigations
In March 2020, we introduced Amazon Detective, a fully managed service that makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Amazon Detective continuously extracts temporal events such as login attempts, API calls, and network traffic from Amazon GuardDuty, AWS CloudTrail, and Amazon Virtual Private Cloud (Amazon VPC) […]
Amazon GuardDuty Enhances Detection of EC2 Instance Credential Exfiltration
Updates: This blog post was updated on Jan, 23 2023 to show how to use imdsv2 instead of imdsv1 and on July, 16 2024 to refer to the new email address to contact the AWS Trust & Safety team Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior […]
New – Using Amazon GuardDuty to Protect Your S3 Buckets
As we anticipated in this post, the anomaly and threat detection for Amazon Simple Storage Service (Amazon S3) activities that was previously available in Amazon Macie has now been enhanced and reduced in cost by over 80% as part of Amazon GuardDuty. This expands GuardDuty threat detection coverage beyond workloads and AWS accounts to also help you protect […]
Amazon GuardDuty – Continuous Security Monitoring & Threat Detection
Threats to your IT infrastructure (AWS accounts & credentials, AWS resources, guest operating systems, and applications) come in all shapes and sizes! The online world can be a treacherous place and we want to make sure that you have the tools, knowledge, and perspective to keep your IT infrastructure safe & sound. Amazon GuardDuty is […]