Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hello!
I am in a difficult situation, because I have started my AWS account for activating the Conversion API within Meta Business Management.
I thought I would stay inside for free, but after the...
0
answers
0
votes
118
views
asked 2 days agolg...
Hi Everyone,
I am working for a bank and few days ago i am getting alerts in guard duty that there are malicious caller calling /version from US and Amsterdam.
Message is "A Kubernetes API commonly...
3
answers
0
votes
141
views
asked 3 days agolg...
Is there any way to enable guard duty's S3 protection for only some buckets?
As an example I have a bucket that stores company logos and profile pictures. I don't want all these access events...
2
answers
0
votes
284
views
asked 3 days agolg...
I initiated a GuardDuty on-demand malware scan on an EC2 instance, but it has had the status of "running" for 6 days. I was able to successfully run scans on other EC2 instances, and those ones...
2
answers
0
votes
102
views
asked 2 months agolg...
In a hub&spoke topology with centralized inspection and egress, and considering the cost of VPC flow logs if enabled in every spoke VPCs, I am tempted to only have the AWS firewall flow logs enabled...
1
answers
0
votes
769
views
asked 2 months agolg...
I see:
* USE1-PaidEventsAnalyzed
* USW2-PaidEventsAnalyzed
* USW2-PaidS3DataEventsAnalyzed
* USE2-PaidEventsAnalyzed
* USE1-PaidS3DataEventsAnalyzed
* SAE1-PaidEventsAnalyzed
* EU-PaidEventsAnalyzed
*...
1
answers
0
votes
409
views
asked 2 months agolg...
Hi,
I've got a standard Ubuntu 20.04 x86_64 EC2 instance with SSM properly installed I'd like to get the Guardduty agent installed on. However, I'm getting an error 'failed to find platform no...
2
answers
0
votes
560
views
asked 3 months agolg...
I have a Kali OS running as a docker container. From this I ssh into an Ubuntu machine which is a managed instance and is appearing in GuardDuty for the other tests i have done (Custom threat list)...
1
answers
0
votes
128
views
asked 3 months agolg...
I am writing custom Config rule on the console. I have turned on '**proactive evaluation**'. While saving, I get this error:
'One or more of the specified parameters are invalid'
I am not sure whats...
1
answers
0
votes
193
views
asked 3 months agolg...
Hi. Rally hope someone can shed some light on this questions:
I understand as a best practice, access key age should be 90 days or less.
a - Is this 90 day limit set in stone? Can we have users who...
2
answers
0
votes
233
views
asked 3 months agolg...
Hello,
We have recently been testing the preview of EC2 runtime monitoring for GuardDuty. We downloaded software (metasploit) and ran some exploits tests that we figured should cause the ec2 runtime...
2
answers
0
votes
176
views
asked 4 months agolg...
Hi, I tried to setup GuardDuty Runtime Monitoring for ECS Fargate cluster, both ECS task and GuardDuty runtime coverage are in healthy state, but when I check findings section I don't see any...
1
answers
0
votes
398
views
asked 4 months agolg...