Questions tagged with Amazon GuardDuty
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
I have a Kali OS running as a docker container. From this I ssh into an Ubuntu machine which is a managed instance and is appearing in GuardDuty for the other tests i have done (Custom threat list)...
1
answers
0
votes
30
views
asked 5 days agolg...
I am writing custom Config rule on the console. I have turned on '**proactive evaluation**'. While saving, I get this error:
'One or more of the specified parameters are invalid'
I am not sure whats...
1
answers
0
votes
67
views
asked 21 days agolg...
Hi. Rally hope someone can shed some light on this questions:
I understand as a best practice, access key age should be 90 days or less.
a - Is this 90 day limit set in stone? Can we have users who...
2
answers
0
votes
78
views
asked 22 days agolg...
Hello,
We have recently been testing the preview of EC2 runtime monitoring for GuardDuty. We downloaded software (metasploit) and ran some exploits tests that we figured should cause the ec2 runtime...
2
answers
0
votes
66
views
asked a month agolg...
Hi, I tried to setup GuardDuty Runtime Monitoring for ECS Fargate cluster, both ECS task and GuardDuty runtime coverage are in healthy state, but when I check findings section I don't see any...
1
answers
0
votes
178
views
asked 2 months agolg...
I have a use case where I'd like to centralise GuardDuty findings from multiple member accounts into the Security Hub of one account. Let's call it the Audit account.
* I setup AWS Organisations with...
1
answers
1
votes
160
views
asked 2 months agolg...
Assuming that we are using
- EKS
- RDS (with Proxy)
- VPCs
- Elasticache
What would be the recommended security services to use here? There is a large number of them and I not sure, which ones to...
4
answers
0
votes
213
views
asked 3 months agolg...
Hello,
I have been receiving a high cost from GuardDuty every day for some time, when I analyzed it further I saw that this cost is related to the analysis of CloudTrail events by GuardDuty, and I...
2
answers
0
votes
183
views
asked 3 months agolg...
I am following [the steps](https://docs.aws.amazon.com/guardduty/latest/ug//managing-gdu-agent-ec2-manually.html) to enable the GuardDuty security agent on my ec2 instances which are used in a ecs...
2
answers
0
votes
216
views
asked 3 months agolg...
Hello,
I created an Event Bridge rule that picks Guard Duty findings and send them to a SNS topic. The topic itself is subscribed to a Slack channel.
I followed this article for setting up the rule:...
1
answers
0
votes
157
views
asked 3 months agolg...
Hello,
Has someone succeeded in enabling Runtime Monitoring on ECS Fargate for ARM 64 runtime?
I have enabled Automated agent configuration. All my tasks are Healthy, but it does not insert the...
0
answers
0
votes
110
views
asked 4 months agolg...
I am trying to install the Guardduty security agent on my AWS Linux 2 ami.
I following the instructions on...
1
answers
0
votes
365
views
asked 4 months agolg...