Monday, 19 November 2018

Three new Threat Detection added in Amazon GuardDuty

Amazon GuardDuty is a threat detection service which persistently detects for harmful or forbidden actions to assist you secure your AWS accounts and workloads. It scans for activity like abnormal API calls or potentially prohibited deployments which exhibit a feasible account deal. Amazon GuardDuty too monitors potentially compromised instances or scan by attackers.

New three threat detection added in Amazon GuardDuty, two of them aids to detect suspicious Tor Network-related activity, and the third one aids identify cryptocurrency mining-related actions. The new finding types are: UnauthorizedAccess : EC2/TorClient and UnauthorizedAccess : EC2/TorRelay. The new cryptocurrency searching enlarges the service’s ability to scan Amazon EC2 instances asking IP addresses linked with cryptocurrency-related actions. The new finding type is : CryptoCurrency : EC2/BitcoinTool.B. To know further, visit Amazon GuardDuty Findings.

No comments:

Post a Comment

CloudWatch control metrics now upheld by Amazon Cognito

Amazon Cognito now upholds the CloudWatch Usage Metrics which makes it easier for the administrators to supervise, report and take neces...