Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
I am following [the steps](https://docs.aws.amazon.com/guardduty/latest/ug//managing-gdu-agent-ec2-manually.html) to enable the GuardDuty security agent on my ec2 instances which are used in a ecs...
2
answers
0
votes
420
views
asked 6 months agolg...
Hello,
I created an Event Bridge rule that picks Guard Duty findings and send them to a SNS topic. The topic itself is subscribed to a Slack channel.
I followed this article for setting up the rule:...
1
answers
0
votes
264
views
asked 6 months agolg...
Hello,
Has someone succeeded in enabling Runtime Monitoring on ECS Fargate for ARM 64 runtime?
I have enabled Automated agent configuration. All my tasks are Healthy, but it does not insert the...
0
answers
0
votes
136
views
asked 6 months agolg...
I am trying to install the Guardduty security agent on my AWS Linux 2 ami.
I following the instructions on...
1
answers
0
votes
576
views
asked 6 months agolg...
Can you just use Guard Duty Runtime Monitoring for ECS? Or do you have to turn on some base level features of guard duty as well?
1
answers
0
votes
376
views
asked 6 months agolg...
I would like to take an IaaC approach to configuring GuardDuty to export its findings to a S3 bucket.
I've successfully managed to do this via button clicks in the console, examined the bucket policy...
1
answers
0
votes
452
views
asked 7 months agolg...
I have enabled Guard duty and changed the Finding publish frequency to 15 minutes. I have created a eventbridge rule to send me an email if there are any new findings.
There is one new finding...
2
answers
0
votes
429
views
asked 7 months agolg...
Hello team ,
How can we configure securityhub , cloudtrail , guardduty and config for the accounts I have provided via AFT ?
2
answers
0
votes
329
views
asked 7 months agolg...
Hi,
I set up an EKS cluster using an NLB. It's currently working fine but the security group creates rules that open some ports to internet. The instances behind the security group are being probed...
0
answers
0
votes
182
views
asked 7 months agolg...
Hello everyone,
I want to build a lab environment, where I have a simulated Security Operations Center with some vulnerable EC2 instances like Workstations or Windows/Linux Servers.
Furthermore I...
3
answers
0
votes
296
views
asked 8 months agolg...
Hi.
I have some questions:
1.I have enabled GuardDuty in my Organization with Control Tower. About findings I see this: "Findings are automatically sent to EventBridge. You can also export findings...
1
answers
0
votes
235
views
asked 8 months agolg...
Hi Team.
I have implemented Control Tower, Controls (Guardrails) and Conformance Packs for all accounts. After that, I received many sns notifications from email audit account.
I understand that I...
1
answers
0
votes
302
views
asked 8 months agolg...