Findings Review using Amazon GuardDuty
GargeeBhatnagar
Posted on August 12, 2023
“I have checked the documents of AWS to generate the findings from resources in accounts. So I got the AWS Amazon GuardDuty as a solution. Pricing of Amazon GuardDuty depends on CloudTrail events and VPC logs.”
Amazon GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation.
In this post, you will learn how to review findings using Amazon GuardDuty.
Architecture Overview
The architecture diagram shows the overall deployment architecture with the data flow, Amazon GuardDuty, an IAM role, and an S3 bucket.
Solution overview
The blog post consists of the following phases:
Enable Amazon GuardDuty with Findings [Low, Medium, High]
Output of GuardDuty Findings
Phase 1: Enable Amazon GuardDuty with Findings [Low, Medium, High]
- Open the Amazon GuardDuty console and enable GuardDuty with the default service role. In Settings, generate the sample findings; GuardDuty also detects findings for the resources in the account. If required, we can also configure an S3 bucket to export the findings to.
Phase 2: Output of GuardDuty Findings
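Once findings are exported to the S3 bucket from Phase 1, they can also be reviewed offline. The script below is an added example, not part of the original post: it groups exported findings into the Low, Medium and High bands and marks sample findings. It assumes the export is JSON Lines with lowerCamelCase fields (`severity`, `type`, `service.additionalInfo.sample`); the input lines and ids are constructed.

```python
import json
from collections import defaultdict

# Severity bands as shown in the GuardDuty console: Low 1.0-3.9,
# Medium 4.0-6.9, High 7.0 and above (grouped together here).
BANDS = [(7.0, "High"), (4.0, "Medium"), (1.0, "Low")]

def severity_label(score):
    for floor, label in BANDS:
        if score >= floor:
            return label
    return "Unknown"

def triage(jsonl_text, include_samples=True):
    """Group exported findings by severity label, highest score first."""
    groups = defaultdict(list)
    for line_no, line in enumerate(jsonl_text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            finding = json.loads(line)
        except json.JSONDecodeError:
            # Keep a record of damaged lines instead of silently dropping them.
            groups["Unparsed"].append({"line": line_no})
            continue
        # Assumption: sample findings carry service.additionalInfo.sample = true.
        info = (finding.get("service") or {}).get("additionalInfo") or {}
        sample = bool(info.get("sample"))
        if sample and not include_samples:
            continue
        score = float(finding.get("severity", 0))
        groups[severity_label(score)].append({
            "id": finding.get("id"), "type": finding.get("type"),
            "severity": score, "sample": sample,
        })
    for items in groups.values():
        items.sort(key=lambda f: f.get("severity", 0), reverse=True)
    return dict(groups)

# Constructed export lines (not real findings); ids are placeholders.
SAMPLE_EXPORT = "\n".join([
    json.dumps({"id": "example-1", "type": "Recon:EC2/PortProbeUnprotectedPort", "severity": 2, "service": {"additionalInfo": {"sample": True}}}),
    json.dumps({"id": "example-2", "type": "UnauthorizedAccess:IAMUser/ConsoleLoginSuccess.B", "severity": 5, "service": {"additionalInfo": {"sample": True}}}),
    json.dumps({"id": "example-3", "type": "CryptoCurrency:EC2/BitcoinTool.B!DNS", "severity": 8, "service": {"additionalInfo": {"sample": True}}}),
    json.dumps({"id": "example-4", "type": "Policy:S3/BucketBlockPublicAccessDisabled", "severity": 2, "service": {}}),
    "{truncated",  # constructed malformed line
])

if __name__ == "__main__":
    for label, items in triage(SAMPLE_EXPORT).items():
        print(label, [(f.get("type"), f.get("severity")) for f in items])
```

Calling `triage(..., include_samples=False)` leaves only the findings GuardDuty raised for real resources in the account.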
Clean-up
Disabled Amazon GuardDuty.
Pricing
I reviewed the pricing and estimated cost of this example.
Cost of Amazon GuardDuty = $0.0
Total Cost = $0.0
Summary
In this post, I showed “how to review the findings using Amazon GuardDuty”.
For more details on Amazon GuardDuty, check out Get started with Amazon GuardDuty and open the Amazon GuardDuty console. To learn more, read the Amazon GuardDuty documentation.
Thanks for reading!
Connect with me: LinkedIn