- Newest
- Most votes
- Most comments
I think you need to define and build an IDS system in this case. You can’t just rely on AWS services for this type of stuff.
You may need to implement something like VPC mirroring with a 3rd party system and have your website logs sent to a SIEM for analysis.
Hello.
I believe GuardDuty can be used to detect unauthorized logins to RDS.
https://docs.aws.amazon.com/guardduty/latest/ug/rds-protection.html
https://docs.aws.amazon.com/guardduty/latest/ug/findings-rds-protection.html
GuardDuty can also link events to Amazon EventBridge.
So it is possible to have linked events notified via SNS to e-mail or other means.
https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html
Thank you very much for your answer
AWS Config can send an alert via SNS when a change is made to the AWS configuration that breaches a compliance rule https://docs.aws.amazon.com/config/latest/developerguide/notifications-for-AWS-Config.html
Relevant content
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 3 years ago
Thank you very much for your answer
Thank you very much for your answer