Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
I initiated a GuardDuty on-demand malware scan on an EC2 instance, but it has had the status of "running" for 6 days. I was able to successfully run scans on other EC2 instances, and those ones...
2
answers
0
votes
60
views
asked 21 days agolg...
In a hub&spoke topology with centralized inspection and egress, and considering the cost of VPC flow logs if enabled in every spoke VPCs, I am tempted to only have the AWS firewall flow logs enabled...
1
answers
0
votes
122
views
asked a month agolg...
I see:
* USE1-PaidEventsAnalyzed
* USW2-PaidEventsAnalyzed
* USW2-PaidS3DataEventsAnalyzed
* USE2-PaidEventsAnalyzed
* USE1-PaidS3DataEventsAnalyzed
* SAE1-PaidEventsAnalyzed
* EU-PaidEventsAnalyzed
*...
1
answers
0
votes
230
views
asked a month agolg...
Hi,
I've got a standard Ubuntu 20.04 x86_64 EC2 instance with SSM properly installed I'd like to get the Guardduty agent installed on. However, I'm getting an error 'failed to find platform no...
2
answers
0
votes
468
views
asked 2 months agolg...
I have a Kali OS running as a docker container. From this I ssh into an Ubuntu machine which is a managed instance and is appearing in GuardDuty for the other tests i have done (Custom threat list)...
1
answers
0
votes
89
views
asked 2 months agolg...
I am writing custom Config rule on the console. I have turned on '**proactive evaluation**'. While saving, I get this error:
'One or more of the specified parameters are invalid'
I am not sure whats...
1
answers
0
votes
150
views
asked 3 months agolg...
Hi. Rally hope someone can shed some light on this questions:
I understand as a best practice, access key age should be 90 days or less.
a - Is this 90 day limit set in stone? Can we have users who...
2
answers
0
votes
178
views
asked 3 months agolg...
Hello,
We have recently been testing the preview of EC2 runtime monitoring for GuardDuty. We downloaded software (metasploit) and ran some exploits tests that we figured should cause the ec2 runtime...
2
answers
0
votes
131
views
asked 3 months agolg...
Hi, I tried to setup GuardDuty Runtime Monitoring for ECS Fargate cluster, both ECS task and GuardDuty runtime coverage are in healthy state, but when I check findings section I don't see any...
1
answers
0
votes
333
views
asked 4 months agolg...
I have a use case where I'd like to centralise GuardDuty findings from multiple member accounts into the Security Hub of one account. Let's call it the Audit account.
* I setup AWS Organisations with...
1
answers
1
votes
254
views
asked 4 months agolg...
Assuming that we are using
- EKS
- RDS (with Proxy)
- VPCs
- Elasticache
What would be the recommended security services to use here? There is a large number of them and I not sure, which ones to...
4
answers
0
votes
275
views
asked 5 months agolg...
Hello,
I have been receiving a high cost from GuardDuty every day for some time, when I analyzed it further I saw that this cost is related to the analysis of CloudTrail events by GuardDuty, and I...
2
answers
0
votes
307
views
asked 5 months agolg...