By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Questions tagged with Amazon GuardDuty

threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation

Content language: English

Select up to 5 tags to filter
Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

93 results
How is guard duty with AI tools different from the guard duty we have now?
1
answers
0
votes
43
views
asked 5 days ago
I am trying to construct the automated Detective Investigation using https://aws.amazon.com/blogs/security/how-to-use-the-amazon-detective-api-to-investigate-guardduty-security-findings-and-enrich-dat...
1
answers
0
votes
33
views
asked a month ago
I want to add the setting to exclude EC2 instances from malware scanning using cdk, but I can't find a way to do it. This is part of my code const GDDetector = new CfnDetector(this, `GuardDutyDetect...
1
answers
0
votes
27
views
asked a month ago
How are EC2 Malware scanning done? Does it need any special agents to be installed? We have thousands of EC2 instances in our AWS organization. And what is the pricing for the malware scanning.
1
answers
0
votes
98
views
asked 2 months ago
I'm investigating a high cost for AWS GuardDuty. The GuardDuty "Usage" page shows me that 90% of the GuardDuty cost comes from CloudTrail. I've turned off all Trails in AWS CloudTrail. The AWS CloudT...
3
answers
0
votes
131
views
asked 3 months ago
Hello, We've been exploring [GuardDuty Malware Protection for S3](https://docs.aws.amazon.com/guardduty/latest/ug/gdu-malware-protection-s3.html). While the scan of newly uploaded objects in S3 bucke...
1
answers
0
votes
265
views
asked 3 months ago
To use the AWS Guardduty malware s3 scanner, the scanner needs a role with appropriate permissions. We have 2 existing roles in the account for guard, AWSServiceRoleForAmazonGuardDuty and AWSServic...
1
answers
0
votes
215
views
asked 3 months ago
I have created MalwareProtection for s3. When an event pattern detects malware finding in s3, an associated SNS topic should send an email. It doesn't. I have the following CloudFormation, and sinc...
3
answers
0
votes
177
views
asked 3 months ago
Hi AWS, I am writing an SCP to enable **AWS Config** and **AWS GuardDuty**. The approved regions are `us-east-1`, `us-east-2`, `us-west-1`. Here is the SCP code: ``` { "Version": "2012-10-17", ...
2
answers
0
votes
331
views
profile picture
asked 4 months ago
I am setting up an Amazon GuardDuty and I am interested in the VPC Traffic Flow Logs collected and sent to GuardDuty. Can I customize this Traffic? For example, in my Account there are 5 VPCs and I on...
1
answers
0
votes
560
views
asked 4 months ago
Hi Guys, I am calculating costs for GD using malware protection for ec2. On the calculator section in EBS Volume Data Scan Analysis I put 1 GB data as it charges per GB data scanned. But as calculated...
2
answers
0
votes
416
views
asked 4 months ago
I have * account A enable Secuirty Hub & be an delegated administrator to collect findings from Security Hub Account B * account B enable Security Hub & GuardDuty: When GuardDuty Account B generate ...
1
answers
0
votes
390
views
asked 4 months ago