AWS GuardDuty
Version: AWS GuardDuty.
Amazon GuardDuty is a threat detection service that continuously monitors malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.
Amazon GuardDuty can be integrated with Netsurion Open XDR using Lambda function. After the logs are received from GuardDuty, Netsurion Open XDR alerts you of the following findings:
- Backdoor
- Crypto Currency
- Discovery
- Impact
- Pentest
- Persistence
- Policy
- Privilege Escalation
- Recon
- Resource Consumption
- Stealth
- Trojan
- Unauthorized Access
Netsurion Open XDR dashboard will display the summarized view of GuardDuty findings based on Threat type, Source IP and Map view of suspicious activities source location. Netsurion Open XDR reports will provide activities summary on scheduled basis. These reports will also furnish details about all activities, resources affected, about the threat actor, etc.
To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.