ajaylns / ajaylns.github.io


GuardDuty Not In Use #71

Closed ajaylns closed 5 years ago

ajaylns commented 5 years ago

Risk: medium

Description

Ensure that the Amazon GuardDuty service is currently enabled and not suspended in every region of your AWS Account. This ensures that it can protect your AWS Account and Infrastructure against security threats.

Amazon GuardDuty is an intelligent threat detection service that provides customers with an accurate and easy way to continuously monitor and protect their AWS accounts and workloads. GuardDuty analyzes billions of events across your AWS accounts from AWS CloudTrail (AWS user and API activity in your accounts), Amazon VPC Flow Logs (network traffic data), and DNS Logs (name query patterns).

Amazon GuardDuty threat detection identifies activity that can be associated with account compromise, instance compromise, and malicious reconnaissance. For example, GuardDuty detects unusual API calls, suspicious outbound communications to known malicious IP addresses, or possible data theft using DNS queries as the transport mechanism. GuardDuty delivers more accurate findings using machine learning enriched by threat intelligence, such as lists of malicious IPs and domains.

Recommendation

Open the GuardDuty console at https://console.aws.amazon.com/guardduty and ensure that GuardDuty is enabled and not suspended in every region of the AWS Account.

Parameters

Account gid: 410801124909; Region: us-east-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: us-east-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: us-west-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: us-west-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: ca-central-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: eu-central-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: eu-west-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: eu-west-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: eu-west-3; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: ap-northeast-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: ap-northeast-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: ap-southeast-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: ap-south-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 410801124909; Region: sa-east-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: us-east-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: us-east-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: us-west-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: us-west-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: ca-central-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: eu-central-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: eu-west-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: eu-west-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: eu-west-3; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: ap-northeast-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: ap-northeast-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: ap-southeast-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: ap-southeast-2; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: ap-south-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None

Account gid: 308692709302; Region: sa-east-1; Resource type: GuardDuty Detector; Resources: None; Related Resources: None


Horangi detected this issue on 2019-04-09 03:21:12.431827