Amazon Web Services has unveiled a continuous security monitoring and threat detection service in a move to help customers identify potential threats to their AWS accounts.
Amazon GuardDuty is designed to apply machine learning and scan public and AWS-generated data streams to detect malicious or unauthorized activity in users’ AWS environments, AWS Chief Evangelist Jeff Barr wrote in a blog post published Tuesday.
He said the GuardDuty offering works to search for suspicious behavior on the AWS side such as unauthorized deployments; unusual activity in the CloudTrail activity tracker; patterns of access to application programming interface functions; and attempts to exceed numerous service limits.
The platform can fully operate on AWS infrastructure and would not require clients to install or manage agents, sensors or network appliances, Barr added.
GuardDuty also facilitates reporting of findings at the low, medium or high threat levels and displays evidence and recommended actions.