Amazon GuardDuty is a threat detection service that continuously monitors your AWS Cloud accounts for compromised accounts, abnormal behaviors, and malware using anomaly detection, machine learning, behavioral modeling, and threat intelligence feeds.
Amazon GuardDuty helps to mitigate threats to your infrastructure with automated remediation or prevention with AWS Lambda. It automatically analyzes AWS workloads, such as AWS accounts and users, instances, container workloads, databases, and storage to monitor for threats.
You don’t need to deploy any additional software to utilize Amazon GuardDuty. Just go through a few clicks on the AWS Management Console to activate it in few seconds.
Resources
- Amazon GuardDuty (AWS)
- Amazon GuardDuty Overview (AWS KB)