In addition to the suggestions from the answer above, I'd recommend using the 4th session of the Well-Architected Framework - Security Pillar - which gives guidance on configuring services (not only GuardDuty and CloudTrail but also other services that can be used to detect threats, like WAF, Config, etc.), analyzing logs, preparing automation and implementing actionable security events following best practices for threat detection.
I'd also suggest looking at the AWS Security Hub service, which can centralize alerts and insights from several AWS and 3rd-party services, not only related to threat detection.
https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html
First, I suggest sharing this whitepaper with the customer: https://d1.awsstatic.com/whitepapers/aws_security_incident_response.pdf
AWS GuardDuty combined with AWS CloudTrail are the options available natively for now, or you could use Alert Logic, a partner on the marketplace.