Amazon GuardDuty is a continuous security monitoring service for Amazon Web Services (AWS) that requires no customer-managed hardware or software. GuardDuty analyzes and processes VPC Flow Logs and AWS CloudTrail event logs. GuardDuty uses security logic and AWS usage statistics techniques to identify unexpected and potentially unauthorized/malicious activity. This can include issues like escalations of privileges, uses of exposed credentials, or communication with malicious IPs, URLs, or domains.
GuardDuty informs you of the status of your AWS infrastructure and applications by producing security findings that you can view in the GuardDuty console or through Amazon CloudWatch events.
When you sign up for AWS, your AWS account is automatically signed up for all services in AWS, including Amazon GuardDuty. However, GuardDuty must be enabled on your account. For more information on enabling GuardDuty, refer to the Amazon GuardDuty User Guide.
With Alert Logic® Cloud Insight™ Essentials, you can build on the findings from Amazon GuardDuty and be provided with remediation actions. For more information on how Cloud Insight Essentials can help you be more secure, refer to our Introduction to Cloud Insight Essentials knowledge base article.
Still have questions? Check out other customers’ posts or add your own in the Cloud Insight Essentials community.