Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Amazon GuardDuty IP Block List Automation - Implement periodic logging of the current Block Listlg...
Hi AWS team,
We’re a small company building out our infrastructure on AWS and recently implemented most of the automations detailed in the following AWS Blog Post: [How to use Amazon GuardDuty and...
1
answers
0
votes
234
views
asked 8 months agolg...
Per the recommendations from the Security pillar of a Well Architected Review conducted on our accounts, our company enabled Security Hub for a centralized view of security findings and Guard Duty for...
2
answers
0
votes
273
views
asked 8 months agolg...
I used "Generates sample findings" in GuardDuty settings to test the integration with AWS Security Hub and the SNS notifications configuration.
It works great, but now I have a long list of findings...
Accepted AnswerAmazon GuardDuty
4
answers
0
votes
789
views
asked 9 months agolg...
Hi yall,
we actually try this solution: https://aws.amazon.com/es/blogs/security/how-to-use-amazon-guardduty-and-aws-waf-v2-to-automatically-block-suspicious-hosts/
but during the deployment appear...
3
answers
0
votes
318
views
asked 9 months agolg...
Regarding Guard Dutylg...
I have followed document and tried to configure the guard duty service for forwarding the logs to s3 bucket, everythings seems well but logs are not getting stored in bucket. Need help.
1
answers
0
votes
255
views
asked 10 months agolg...
How can I go about getting ALL of the detectors that are enabled in my environment?
2
answers
0
votes
320
views
asked 10 months agolg...
My instance only opens external access network traffic to certain specific ip and ports, but this alarm will still appear
Findings:
Malware scan
Scan ID
d954e9ec99318c5df6946cc3ece1db32
Scan...
1
answers
1
votes
1559
views
asked 10 months agolg...
I wrote a code with nodejs which uses createIntelSet method.
but It throws Error below:
InternalServerErrorException: The request is rejected because the caller is not authorized to call this API.
I...
1
answers
0
votes
247
views
asked 10 months agolg...
Hi Team.
My ec2 instance instance is often communication with public DNS resolvers (google, azure, Cloudflare) instead of AWS VPC's DNS resolver.
EC2 instance's Network settings are set to automatic...
3
answers
0
votes
629
views
asked 10 months agolg...
Hi Team,
I am getting EC2/UnusualDNSResolve for my private windows Ec2 instance.
DNS IP: 8.8.8.8
network settings are not changed. can you help me to find the this finding is triggered
Regards.
2
answers
0
votes
2513
views
asked 10 months agolg...
Hi there, I have a quick questions. When I enable VPC flow logs to then be pushed to an S3 bucket, will GuardDuty still be able to review my logs or does it need any specific access to the bucket for...
1
answers
0
votes
451
views
asked 10 months agolg...
How can suppression rules be disabled for (a) certain account(s) in an organization?
So most accounts should be able to utilize suppression rules, but some accounts should not be able to suppress...
1
answers
0
votes
400
views
asked 10 months agolg...