Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi,
I've got a standard Ubuntu 20.04 x86_64 EC2 instance with SSM properly installed I'd like to get the Guardduty agent installed on. However, I'm getting an error 'failed to find platform no...
2
answers
0
votes
133
views
asked 8 days agolg...
I have a Kali OS running as a docker container. From this I ssh into an Ubuntu machine which is a managed instance and is appearing in GuardDuty for the other tests i have done (Custom threat list)...
1
answers
0
votes
43
views
asked 15 days agolg...
I am writing custom Config rule on the console. I have turned on '**proactive evaluation**'. While saving, I get this error:
'One or more of the specified parameters are invalid'
I am not sure whats...
1
answers
0
votes
86
views
asked a month agolg...
Hi. Rally hope someone can shed some light on this questions:
I understand as a best practice, access key age should be 90 days or less.
a - Is this 90 day limit set in stone? Can we have users who...
2
answers
0
votes
95
views
asked a month agolg...
Hello,
We have recently been testing the preview of EC2 runtime monitoring for GuardDuty. We downloaded software (metasploit) and ran some exploits tests that we figured should cause the ec2 runtime...
2
answers
0
votes
81
views
asked a month agolg...
Hi, I tried to setup GuardDuty Runtime Monitoring for ECS Fargate cluster, both ECS task and GuardDuty runtime coverage are in healthy state, but when I check findings section I don't see any...
1
answers
0
votes
201
views
asked 2 months agolg...
I have a use case where I'd like to centralise GuardDuty findings from multiple member accounts into the Security Hub of one account. Let's call it the Audit account.
* I setup AWS Organisations with...
1
answers
1
votes
178
views
asked 2 months agolg...
Assuming that we are using
- EKS
- RDS (with Proxy)
- VPCs
- Elasticache
What would be the recommended security services to use here? There is a large number of them and I not sure, which ones to...
4
answers
0
votes
226
views
asked 3 months agolg...
Hello,
I have been receiving a high cost from GuardDuty every day for some time, when I analyzed it further I saw that this cost is related to the analysis of CloudTrail events by GuardDuty, and I...
2
answers
0
votes
210
views
asked 4 months agolg...
I am following [the steps](https://docs.aws.amazon.com/guardduty/latest/ug//managing-gdu-agent-ec2-manually.html) to enable the GuardDuty security agent on my ec2 instances which are used in a ecs...
2
answers
0
votes
250
views
asked 4 months agolg...
Hello,
I created an Event Bridge rule that picks Guard Duty findings and send them to a SNS topic. The topic itself is subscribed to a Slack channel.
I followed this article for setting up the rule:...
1
answers
0
votes
171
views
asked 4 months agolg...
Hello,
Has someone succeeded in enabling Runtime Monitoring on ECS Fargate for ARM 64 runtime?
I have enabled Automated agent configuration. All my tasks are Healthy, but it does not insert the...
0
answers
0
votes
117
views
asked 4 months agolg...