Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
I have a use case where I'd like to centralise GuardDuty findings from multiple member accounts into the Security Hub of one account. Let's call it the Audit account.
* I setup AWS Organisations with...
1
answers
1
votes
313
views
asked 5 months agolg...
Assuming that we are using
- EKS
- RDS (with Proxy)
- VPCs
- Elasticache
What would be the recommended security services to use here? There is a large number of them and I not sure, which ones to...
4
answers
0
votes
311
views
asked 6 months agolg...
Hello,
I have been receiving a high cost from GuardDuty every day for some time, when I analyzed it further I saw that this cost is related to the analysis of CloudTrail events by GuardDuty, and I...
2
answers
0
votes
356
views
asked 6 months agolg...
I am following [the steps](https://docs.aws.amazon.com/guardduty/latest/ug//managing-gdu-agent-ec2-manually.html) to enable the GuardDuty security agent on my ec2 instances which are used in a ecs...
2
answers
0
votes
436
views
asked 6 months agolg...
Hello,
I created an Event Bridge rule that picks Guard Duty findings and send them to a SNS topic. The topic itself is subscribed to a Slack channel.
I followed this article for setting up the rule:...
1
answers
0
votes
269
views
asked 6 months agolg...
Hello,
Has someone succeeded in enabling Runtime Monitoring on ECS Fargate for ARM 64 runtime?
I have enabled Automated agent configuration. All my tasks are Healthy, but it does not insert the...
0
answers
0
votes
137
views
asked 6 months agolg...
I am trying to install the Guardduty security agent on my AWS Linux 2 ami.
I following the instructions on...
1
answers
0
votes
596
views
asked 6 months agolg...
Can you just use Guard Duty Runtime Monitoring for ECS? Or do you have to turn on some base level features of guard duty as well?
1
answers
0
votes
386
views
asked 6 months agolg...
I would like to take an IaaC approach to configuring GuardDuty to export its findings to a S3 bucket.
I've successfully managed to do this via button clicks in the console, examined the bucket policy...
1
answers
0
votes
459
views
asked 7 months agolg...
I have enabled Guard duty and changed the Finding publish frequency to 15 minutes. I have created a eventbridge rule to send me an email if there are any new findings.
There is one new finding...
2
answers
0
votes
449
views
asked 7 months agolg...
Hello team ,
How can we configure securityhub , cloudtrail , guardduty and config for the accounts I have provided via AFT ?
2
answers
0
votes
332
views
asked 7 months agolg...
Hi,
I set up an EKS cluster using an NLB. It's currently working fine but the security group creates rules that open some ports to internet. The instances behind the security group are being probed...
0
answers
0
votes
183
views
asked 8 months agolg...