Explore how you can quickly prepare for, respond to, and recover from security events. Learn more.
Questions tagged with Amazon GuardDuty
threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
93 results
How is guard duty with AI tools different from the guard duty we have now?
I am trying to construct the automated Detective Investigation using https://aws.amazon.com/blogs/security/how-to-use-the-amazon-detective-api-to-investigate-guardduty-security-findings-and-enrich-dat...
I want to add the setting to exclude EC2 instances from malware scanning using cdk, but I can't find a way to do it.
This is part of my code
const GDDetector = new CfnDetector(this, `GuardDutyDetect...
How are EC2 Malware scanning done? Does it need any special agents to be installed? We have thousands of EC2 instances in our AWS organization. And what is the pricing for the malware scanning.
I'm investigating a high cost for AWS GuardDuty. The GuardDuty "Usage" page shows me that 90% of the GuardDuty cost comes from CloudTrail.
I've turned off all Trails in AWS CloudTrail. The AWS CloudT...
Hello,
We've been exploring [GuardDuty Malware Protection for S3](https://docs.aws.amazon.com/guardduty/latest/ug/gdu-malware-protection-s3.html). While the scan of newly uploaded objects in S3 bucke...
To use the AWS Guardduty malware s3 scanner, the scanner needs a role with appropriate permissions.
We have 2 existing roles in the account for guard, AWSServiceRoleForAmazonGuardDuty and AWSServic...
I have created MalwareProtection for s3. When an event pattern detects malware finding in s3, an associated SNS topic should send an email. It doesn't. I have the following CloudFormation, and sinc...
Hi AWS, I am writing an SCP to enable **AWS Config** and **AWS GuardDuty**. The approved regions are `us-east-1`, `us-east-2`, `us-west-1`. Here is the SCP code:
```
{
"Version": "2012-10-17",
...
I am setting up an Amazon GuardDuty and I am interested in the VPC Traffic Flow Logs collected and sent to GuardDuty. Can I customize this Traffic? For example, in my Account there are 5 VPCs and I on...
Hi Guys,
I am calculating costs for GD using malware protection for ec2. On the calculator section in EBS Volume Data Scan Analysis I put 1 GB data as it charges per GB data scanned. But as calculated...
I have
* account A enable Secuirty Hub & be an delegated administrator to collect findings from Security Hub Account B
* account B enable Security Hub & GuardDuty:
When GuardDuty Account B generate ...