GuardDuty

  • GuardDuty analyses tens of billions of events across multiple AWS data sources, such as CloudTrail, VPC Flow Logs, and DNS logs.

  • Through the multi-account feature, findings from all member accounts can be aggregated in a GuardDuty administrator account.

  • It can inform you that an EC2 instance in your AWS environment was involved in a brute force attack.

    • This can help protect your AWS resources from attacks aimed at obtaining passwords to SSH services on Linux-based systems.
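An added example (not from the original page) of triaging SSH brute-force findings aggregated in an administrator account. Field names follow the GuardDuty finding format; the account IDs, instance IDs and IP addresses are constructed sample values, and the function names are hypothetical.

```python
import json
from collections import defaultdict

SSH_BRUTE_FORCE = "UnauthorizedAccess:EC2/SSHBruteForce"

# Constructed sample findings, trimmed to the fields used below.
# Every account ID, instance ID and IP address here is made up.
SAMPLE_FINDINGS = json.loads("""[
 {"AccountId": "111111111111", "Type": "UnauthorizedAccess:EC2/SSHBruteForce",
  "Severity": 2.0,
  "Resource": {"InstanceDetails": {"InstanceId": "i-0aaaaaaaaaaaaaaa1"}},
  "Service": {"ResourceRole": "TARGET", "Count": 14, "Action": {
    "NetworkConnectionAction": {"RemoteIpDetails": {"IpAddressV4": "198.51.100.7"}}}}},
 {"AccountId": "222222222222", "Type": "UnauthorizedAccess:EC2/SSHBruteForce",
  "Severity": 8.0,
  "Resource": {"InstanceDetails": {"InstanceId": "i-0bbbbbbbbbbbbbbb2"}},
  "Service": {"ResourceRole": "ACTOR", "Count": 3, "Action": {
    "NetworkConnectionAction": {"RemoteIpDetails": {"IpAddressV4": "203.0.113.20"}}}}},
 {"AccountId": "222222222222", "Type": "Recon:EC2/PortProbeUnprotectedPort",
  "Severity": 2.0,
  "Resource": {"InstanceDetails": {"InstanceId": "i-0bbbbbbbbbbbbbbb2"}},
  "Service": {"ResourceRole": "TARGET", "Count": 1, "Action": {}}}
]""")

def triage_ssh_brute_force(findings):
    """Group SSH brute-force findings by member account and instance role."""
    report = defaultdict(lambda: {"TARGET": [], "ACTOR": []})
    for f in findings:
        service = f.get("Service", {})
        role = service.get("ResourceRole")
        if f.get("Type") != SSH_BRUTE_FORCE or role not in ("TARGET", "ACTOR"):
            continue  # other finding types are out of scope for this triage
        remote = (service.get("Action", {}).get("NetworkConnectionAction", {})
                  .get("RemoteIpDetails", {}).get("IpAddressV4"))
        report[f["AccountId"]][role].append({
            "instance": f.get("Resource", {}).get("InstanceDetails", {}).get("InstanceId"),
            "remote_ip": remote,
            "count": service.get("Count", 1),
            "severity": f.get("Severity"),
        })
    return dict(report)

def accounts_needing_response(report):
    """ACTOR means the instance is the source of the attack, so it may be compromised."""
    return sorted(acct for acct, roles in report.items() if roles["ACTOR"])

if __name__ == "__main__":
    print(accounts_needing_response(triage_ssh_brute_force(SAMPLE_FINDINGS)))
```

TARGET findings point at hardening work such as restricting the security group for port 22, while ACTOR findings call for investigating the instance itself.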
