Guardduty
#aws #guard #guard_duty
AWS GuardDuty is the security monitoring service for some foundation resources
- VPC flow log
- DNS log
- CloudTrail management event
- CloudTrail event log
Additional features
- EC2 scanning (virus, cryto mining): detect unauthorized access.
- Kubernetes audit log
- RDS login detection
- S3 log
- EBS volume scanning.