May 13, 2020 / Eternal Team
When we first read its name, we thought it’ll be like some sort of security guard app that can protect our personal environment on the cloud, but unfortunately we were wrong lol 🙂 (Now don’t start judging us, we were just kidding)
Since the joke is over, in this blog we will let you know:
what is the AWS guard duty,
AWS has launched a new security service called Amazon Guarduty. This service aims to provide threat intelligence for your AWS account and EC2 instances. So that It continuously monitors for malicious or undesired activities like port scan, unauthorized use of your account, and many other potential problems
The Amazon Guarduty collets three logs that is
And the coolest thing is you can also add your different AWS accounts so that you can view and manage their GuardDuty Findings on their behalf. The service is as it is made by Machine Learning, which continuously evolves and understands your infrastructure.
How it works
First GuardDuty determines the issue, it generates a finding. These findings show up in the Amazon GuardDuty Management Console and can be sent to Amazon CloudWatch as an event. This flexibility means that you can easily review findings as well as react to them.
Trust me it’s very easy to set up on console so that i will put the link below so it can be easy for all
Amazon Guard Duty Features
And there are three-way to used AWS Guard duty
You have to keep in mind that Amazon Guard duty only supports below regions (the list might grow in future):
Asia Pacific: Mumbai, Seoul, Singapore, Sydney and Tokyo
EU: Frankfurt, Ireland, and London
US East: N. Virginia and Ohio
US West: Oregon and N. California
South America: São Paulo
And now let’s talk about the cost for this service,
Amazon GuardDuty is priced along two dimensions.
But new accounts to Amazon GuardDuty can try the service for 30-days at no cost in each supported region.
Pricing can be change by region.so just give you example for Mumbai regions,
AWS GuardDuty can detect and report malicious activities in the AWS account and workload. This is a managed service that identifies and reports undesired activities to the administrator.