Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hello!
I am in a difficult situation, because I have started my AWS account for activating the Conversion API within Meta Business Management.
I thought I would stay inside for free, but after the...
1
answers
0
votes
287
views
asked 8 days agolg...
Hi Everyone,
I am working for a bank and few days ago i am getting alerts in guard duty that there are malicious caller calling /version from US and Amsterdam.
Message is "A Kubernetes API commonly...
3
answers
0
votes
446
views
asked 9 days agolg...
Is there any way to enable guard duty's S3 protection for only some buckets?
As an example I have a bucket that stores company logos and profile pictures. I don't want all these access events...
2
answers
0
votes
310
views
asked 10 days agolg...
I initiated a GuardDuty on-demand malware scan on an EC2 instance, but it has had the status of "running" for 6 days. I was able to successfully run scans on other EC2 instances, and those ones...
2
answers
0
votes
108
views
asked 2 months agolg...
In a hub&spoke topology with centralized inspection and egress, and considering the cost of VPC flow logs if enabled in every spoke VPCs, I am tempted to only have the AWS firewall flow logs enabled...
1
answers
0
votes
1155
views
asked 2 months agolg...
I see:
* USE1-PaidEventsAnalyzed
* USW2-PaidEventsAnalyzed
* USW2-PaidS3DataEventsAnalyzed
* USE2-PaidEventsAnalyzed
* USE1-PaidS3DataEventsAnalyzed
* SAE1-PaidEventsAnalyzed
* EU-PaidEventsAnalyzed
*...
1
answers
0
votes
451
views
asked 2 months agolg...
Hi,
I've got a standard Ubuntu 20.04 x86_64 EC2 instance with SSM properly installed I'd like to get the Guardduty agent installed on. However, I'm getting an error 'failed to find platform no...
2
answers
0
votes
578
views
asked 3 months agolg...
I have a Kali OS running as a docker container. From this I ssh into an Ubuntu machine which is a managed instance and is appearing in GuardDuty for the other tests i have done (Custom threat list)...
1
answers
0
votes
133
views
asked 3 months agolg...
I am writing custom Config rule on the console. I have turned on '**proactive evaluation**'. While saving, I get this error:
'One or more of the specified parameters are invalid'
I am not sure whats...
1
answers
0
votes
200
views
asked 4 months agolg...
Hi. Rally hope someone can shed some light on this questions:
I understand as a best practice, access key age should be 90 days or less.
a - Is this 90 day limit set in stone? Can we have users who...
2
answers
0
votes
248
views
asked 4 months agolg...
Hello,
We have recently been testing the preview of EC2 runtime monitoring for GuardDuty. We downloaded software (metasploit) and ran some exploits tests that we figured should cause the ec2 runtime...
2
answers
0
votes
182
views
asked 4 months agolg...
Hi, I tried to setup GuardDuty Runtime Monitoring for ECS Fargate cluster, both ECS task and GuardDuty runtime coverage are in healthy state, but when I check findings section I don't see any...
1
answers
0
votes
415
views
asked 5 months agolg...