Amazon GuardDuty
Use this page as a service-specific case-study starter for architecture, simulation, and optimization scenarios in pinpole.cloud.
Why this service matters
Amazon GuardDuty is an intelligent threat detection service that monitors for malicious activity.
Power:
- Automatically analyzes CloudTrail, VPC Flow Logs, and DNS logs
- ML-based anomaly detection
- S3 protection, EKS protection, RDS protection, Lambda protection
- Malware scanning for EBS volumes
- Organization-wide deployment
Important workflows
- Design - Configure service behavior for your workload.
Configuration sections
- Why GuardDuty (Power + Limits)
- GuardDuty Settings
Key configuration points
| Point | Default / Value | Category |
|---|---|---|
| Enabled | true | GuardDuty Settings |
| S3 Protection | true | GuardDuty Settings |
| EKS Protection | true | GuardDuty Settings |
| RDS Protection | false | GuardDuty Settings |
| Lambda Protection | false | GuardDuty Settings |
| Malware Protection | false | GuardDuty Settings |
| Publish to EventBridge | true | GuardDuty Settings |