Amazon GuardDuty is a threat detection service that continuously monitors for malicious and unauthorized activity to protect your AWS accounts and workloads. Amazon GuardDuty analyzes billions of events across your AWS accounts from AWS CloudTrail (AWS user and API activity in your accounts), Amazon VPC Flow Logs (network traffic data), and DNS Logs (name query patterns). The service uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats. GuardDuty informs you of the status of your AWS environment by producing security findings that you can view in the GuardDuty console or through Amazon CloudWatch Events.

Amazon GuardDuty users can now export findings to Amazon S3 using the GuardDuty management console and API. Findings export simplifies aggregating findings from across regions. Once it is configured from the GuardDuty master account, users can export findings from all linked member accounts and all AWS regions to one customer-owned S3 bucket. The S3 bucket can be in the same account in which GuardDuty is enabled, or in any other AWS account. Once findings export is configured in each Region, Amazon GuardDuty findings are automatically exported from GuardDuty to the configured Amazon S3 bucket.

To learn more about findings export, refer to the GuardDuty User Guide and Amazon GuardDuty Findings. For the complete list of AWS Regions where Amazon GuardDuty is available, visit AWS Regions. You can start your 30-day Amazon GuardDuty Free Trial in the AWS Management Console with just a few clicks.