I use AWS GuardDuty to monitor AWS accounts and investigate security threats continuously. It enhances the security of AWS infrastructures and applications, ensuring compliance with regulations like HIPAA and GDPR.
Protect your accounts, data, and assets across diverse AWS computing environments, encompassing Amazon Elastic Compute Cloud (Amazon EC2), serverless operations, and container workloads, including those utilizing AWS Fargate.
IT Controller at a outsourcing company with 11-50 employees
Real User
Top 20
2024-01-17T07:22:19Z
Jan 17, 2024
My company uses AWS GuardDuty to develop the software and provide services to clients. I use the solution to monitor the service on the AWS workload or AWS instance and monitor threats or vulnerabilities.
AWS initially interested me more from the architecture and direction perspective, rather than DevOps, for instance. I wanted to gain expertise in the wide range of services they offer, one of which is GuardDuty. It's not my main focus, but it's a good basic threat detection starting point. Whenever we need some kind of service for threat detection, we go to one of the many options in the vast AWS cloud portfolio. We pick GuardDuty to protect our endpoints, and it's a good first-line solution for quick deployment. Once we have experience using this AWS offering, we'll likely start looking deeper. We might then go to the marketplace to find another, potentially third-party solution.
AWS GuardDuty is a monitoring solution. The product helps us in threat monitoring. It notifies us of illegitimate users or any other cyber attack scenarios.
Amazon GuardDuty is an AWS Managed Service. The product finds information related to potential security risks and detects our environment related findings. It is a service that helps administrators find anomalies in their environment, rectify those issues and make the environment more secure and safe. For example, consider some S3 buckets; we have X server access login disabled and certain configurations which are recommended that we are not following that are certain IAM user regulates such as monitoring from the background. Amazon GuardDuty will give us anomaly data for that particular IAM user, advising that certain activity was suspicious.
We are only using it for a client's requirements; we are simply building it and selling it to the client. Amazon GuardDuty is used on private infrastructure for our clients. The application is not publicly accessible; it is hosted internally. GuardDuty has been used to set the CloudWatch alarms. Assume that both scans are detected, or something similar, we have just enabled CloudWatch alarms for those use cases so that any such use case is detected. The alert will be triggered, and we have configured and integrated Amazon GuardDuty with all of the other seven accounts to have the central HPU.
Most of the time, Amazon GuardDuty is used to collect additional network login requirements, so it's basically in the compliance setting, particularly if you need to collect additional logs, or you need additional protection for your infrastructure in the cloud. Those are the areas where you can utilize Amazon GuardDuty and have it assist with compliance, as it's one of the authorized services for compliance, and it's more than likely the tool to use. For the most part, my organization uses the solution for additional protection within the cloud and also to assist with any additional login capabilities that you can't get through the other services. Amazon GuardDuty fills those gaps and helps facilitate a lot of gaps that you have.
Amazon Guard Duty is a continuous cloud security monitoring service that consistently monitors and administers several data sources. These include AWS CloudTrail data events for EKS (Elastic Kubernetes Service) audit logs, VPC (Virtual Private Cloud) flow logs, DNS (Domain Name System) logs, S3 (Simple Cloud Storage), and AWS CloudTrail event logs. Amazon GuardDuty intuitively uses threat intelligence data - such as lists of malicious domains and IP addresses - and ML (machine learning) to...
I use AWS GuardDuty to monitor AWS accounts and investigate security threats continuously. It enhances the security of AWS infrastructures and applications, ensuring compliance with regulations like HIPAA and GDPR.
Protect your accounts, data, and assets across diverse AWS computing environments, encompassing Amazon Elastic Compute Cloud (Amazon EC2), serverless operations, and container workloads, including those utilizing AWS Fargate.
My company uses AWS GuardDuty to develop the software and provide services to clients. I use the solution to monitor the service on the AWS workload or AWS instance and monitor threats or vulnerabilities.
AWS initially interested me more from the architecture and direction perspective, rather than DevOps, for instance. I wanted to gain expertise in the wide range of services they offer, one of which is GuardDuty. It's not my main focus, but it's a good basic threat detection starting point. Whenever we need some kind of service for threat detection, we go to one of the many options in the vast AWS cloud portfolio. We pick GuardDuty to protect our endpoints, and it's a good first-line solution for quick deployment. Once we have experience using this AWS offering, we'll likely start looking deeper. We might then go to the marketplace to find another, potentially third-party solution.
It helps us detect brute-force attacks based on machine learning. It alerts the security team for possible attacks as well.
AWS GuardDuty is a monitoring solution. The product helps us in threat monitoring. It notifies us of illegitimate users or any other cyber attack scenarios.
We use AWS GuardDuty in our company to safeguard our deployment production.
Amazon GuardDuty is an AWS Managed Service. The product finds information related to potential security risks and detects our environment related findings. It is a service that helps administrators find anomalies in their environment, rectify those issues and make the environment more secure and safe. For example, consider some S3 buckets; we have X server access login disabled and certain configurations which are recommended that we are not following that are certain IAM user regulates such as monitoring from the background. Amazon GuardDuty will give us anomaly data for that particular IAM user, advising that certain activity was suspicious.
We are only using it for a client's requirements; we are simply building it and selling it to the client. Amazon GuardDuty is used on private infrastructure for our clients. The application is not publicly accessible; it is hosted internally. GuardDuty has been used to set the CloudWatch alarms. Assume that both scans are detected, or something similar, we have just enabled CloudWatch alarms for those use cases so that any such use case is detected. The alert will be triggered, and we have configured and integrated Amazon GuardDuty with all of the other seven accounts to have the central HPU.
Most of the time, Amazon GuardDuty is used to collect additional network login requirements, so it's basically in the compliance setting, particularly if you need to collect additional logs, or you need additional protection for your infrastructure in the cloud. Those are the areas where you can utilize Amazon GuardDuty and have it assist with compliance, as it's one of the authorized services for compliance, and it's more than likely the tool to use. For the most part, my organization uses the solution for additional protection within the cloud and also to assist with any additional login capabilities that you can't get through the other services. Amazon GuardDuty fills those gaps and helps facilitate a lot of gaps that you have.
I mainly use GuardDuty to check user responses, collect logs, and collect data on who logs in and out and their permission and authorization.