Why do you not want to aggregate the information?
If GD was to raise separate findings customers would quickly be overwhelmed with findings and would find it hard to address the issue. By having a single finding and then updating it continuously, it is easier for you to then see which findings to fix (you can see which findings have been open for the longest time for example), then when you fix the issue you can close that single finding down.
It is not currently possible to have new findings raised for the same security issue on the same instance - that is by design.
- demandé il y a un an
- Pourquoi ai-je reçu l'alerte de type de résultat Recon:EC2/PortProbeUnprotectedPort de GuardDuty pour mon instance Amazon EC2 ?AWS OFFICIELA mis à jour il y a 2 ans