From the course: Complete Guide to AWS Security and Compliance Management

Exploring AWS GuardDuty

- [Narrator] With an understanding of what GuardDuty is, let's see an example of the types of alerts it can create. Consider the following scenario. An organization operates services in AWS, primarily in the Oregon region. As such, GuardDuty has been enabled in that region and immediately starts evaluating threats. Shortly thereafter, a hacker, intent on causing mischief, gains access to some AWS credentials. Using Tor in an attempt to mask her identity, she starts poking at the AWS account in question. Let's see what GuardDuty thinks of that.

From the console, let's get back to the GuardDuty page. Since it's a service I visited recently, it's in my recently visited list, so all I need to do is click on the link. Immediately, we can see that there is a collection of findings. Scrolling down, we see a bit of data about the types of findings and the number of them. Scrolling up, let's take a look at all findings by clicking on the View All Findings link. There's a low severity finding…
