GuardDuty
Owner | |
---|---|
Verification | |
Tags | |
Last edited time |
Thereat discovery on AWS account for anomaly detection
- Cloud trail logs (management events + S3 data events)
- VPC flow logs
- DNS logs for EC2
- Kubernetes audit logs for EKS
In Organizations: one account can be delegated account to be an admin of guard duty