Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
In a hub&spoke topology with centralized inspection and egress, and considering the cost of VPC flow logs if enabled in every spoke VPCs, I am tempted to only have the AWS firewall flow logs enabled...
1
answers
0
votes
73
views
asked 15 days agolg...
I see:
* USE1-PaidEventsAnalyzed
* USW2-PaidEventsAnalyzed
* USW2-PaidS3DataEventsAnalyzed
* USE2-PaidEventsAnalyzed
* USE1-PaidS3DataEventsAnalyzed
* SAE1-PaidEventsAnalyzed
* EU-PaidEventsAnalyzed
*...
1
answers
0
votes
83
views
asked 17 days agolg...
Hi,
I've got a standard Ubuntu 20.04 x86_64 EC2 instance with SSM properly installed I'd like to get the Guardduty agent installed on. However, I'm getting an error 'failed to find platform no...
2
answers
0
votes
407
views
asked a month agolg...
I have a Kali OS running as a docker container. From this I ssh into an Ubuntu machine which is a managed instance and is appearing in GuardDuty for the other tests i have done (Custom threat list)...
1
answers
0
votes
67
views
asked a month agolg...
I am writing custom Config rule on the console. I have turned on '**proactive evaluation**'. While saving, I get this error:
'One or more of the specified parameters are invalid'
I am not sure whats...
1
answers
0
votes
112
views
asked 2 months agolg...
Hi. Rally hope someone can shed some light on this questions:
I understand as a best practice, access key age should be 90 days or less.
a - Is this 90 day limit set in stone? Can we have users who...
2
answers
0
votes
131
views
asked 2 months agolg...
Hello,
We have recently been testing the preview of EC2 runtime monitoring for GuardDuty. We downloaded software (metasploit) and ran some exploits tests that we figured should cause the ec2 runtime...
2
answers
0
votes
110
views
asked 2 months agolg...
Hi, I tried to setup GuardDuty Runtime Monitoring for ECS Fargate cluster, both ECS task and GuardDuty runtime coverage are in healthy state, but when I check findings section I don't see any...
1
answers
0
votes
277
views
asked 3 months agolg...
I have a use case where I'd like to centralise GuardDuty findings from multiple member accounts into the Security Hub of one account. Let's call it the Audit account.
* I setup AWS Organisations with...
1
answers
1
votes
219
views
asked 3 months agolg...
Assuming that we are using
- EKS
- RDS (with Proxy)
- VPCs
- Elasticache
What would be the recommended security services to use here? There is a large number of them and I not sure, which ones to...
4
answers
0
votes
251
views
asked 4 months agolg...
Hello,
I have been receiving a high cost from GuardDuty every day for some time, when I analyzed it further I saw that this cost is related to the analysis of CloudTrail events by GuardDuty, and I...
2
answers
0
votes
252
views
asked 4 months agolg...
I am following [the steps](https://docs.aws.amazon.com/guardduty/latest/ug//managing-gdu-agent-ec2-manually.html) to enable the GuardDuty security agent on my ec2 instances which are used in a ecs...
2
answers
0
votes
305
views
asked 4 months agolg...