GuardDuty

Intelligent threat detection service

Docs | Udemy-SAA-C03 |

Overview

• Managed threat detection

• Continuous security monitoring.

• Identify unexpected & malicious

Input

• VPC Flow logs

• DNS logs

• CloudTrail Event logs

• Optional feature: EKS audit logs, EBS, S3 Data event, Aurora & RDS.

Integration

With EventBridge in case of finding, then EventBridge rule can trigger Lambda, SNS.

integrate with EventBridge