Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Is there any way to enable guard duty's S3 protection for only some buckets?
As an example I have a bucket that stores company logos and profile pictures. I don't want all these access events...
2
answers
0
votes
45
views
asked 3 hours agolg...
I initiated a GuardDuty on-demand malware scan on an EC2 instance, but it has had the status of "running" for 6 days. I was able to successfully run scans on other EC2 instances, and those ones...
2
answers
0
votes
97
views
asked a month agolg...
In a hub&spoke topology with centralized inspection and egress, and considering the cost of VPC flow logs if enabled in every spoke VPCs, I am tempted to only have the AWS firewall flow logs enabled...
1
answers
0
votes
640
views
asked 2 months agolg...
I see:
* USE1-PaidEventsAnalyzed
* USW2-PaidEventsAnalyzed
* USW2-PaidS3DataEventsAnalyzed
* USE2-PaidEventsAnalyzed
* USE1-PaidS3DataEventsAnalyzed
* SAE1-PaidEventsAnalyzed
* EU-PaidEventsAnalyzed
*...
1
answers
0
votes
377
views
asked 2 months agolg...
Hi,
I've got a standard Ubuntu 20.04 x86_64 EC2 instance with SSM properly installed I'd like to get the Guardduty agent installed on. However, I'm getting an error 'failed to find platform no...
2
answers
0
votes
545
views
asked 2 months agolg...
I have a Kali OS running as a docker container. From this I ssh into an Ubuntu machine which is a managed instance and is appearing in GuardDuty for the other tests i have done (Custom threat list)...
1
answers
0
votes
123
views
asked 3 months agolg...
I am writing custom Config rule on the console. I have turned on '**proactive evaluation**'. While saving, I get this error:
'One or more of the specified parameters are invalid'
I am not sure whats...
1
answers
0
votes
186
views
asked 3 months agolg...
Hi. Rally hope someone can shed some light on this questions:
I understand as a best practice, access key age should be 90 days or less.
a - Is this 90 day limit set in stone? Can we have users who...
2
answers
0
votes
225
views
asked 3 months agolg...
Hello,
We have recently been testing the preview of EC2 runtime monitoring for GuardDuty. We downloaded software (metasploit) and ran some exploits tests that we figured should cause the ec2 runtime...
2
answers
0
votes
171
views
asked 3 months agolg...
Hi, I tried to setup GuardDuty Runtime Monitoring for ECS Fargate cluster, both ECS task and GuardDuty runtime coverage are in healthy state, but when I check findings section I don't see any...
1
answers
0
votes
390
views
asked 4 months agolg...
I have a use case where I'd like to centralise GuardDuty findings from multiple member accounts into the Security Hub of one account. Let's call it the Audit account.
* I setup AWS Organisations with...
1
answers
1
votes
305
views
asked 5 months agolg...
Assuming that we are using
- EKS
- RDS (with Proxy)
- VPCs
- Elasticache
What would be the recommended security services to use here? There is a large number of them and I not sure, which ones to...
4
answers
0
votes
310
views
asked 6 months agolg...