Amazon recently announced that it would equip its Amazon Web Services (AWS) GuardDuty platform with additional threat detection capabilities to bolster customer security.
The
three new capabilities expand GuardDuty protection to customers’
containerized workloads, as well as data stored in databases and
serverless environments.
- Amazon GuardDuty
is a security monitoring service that analyzes and processes
foundational data services, such as AWS CloudTrail management events,
AWS CloudTrail event logs, VPC flow logs, and DNS logs.
- New
container runtime protection for Amazon EKS incorporates a security
agent that tracks on-host operating system-level settings such as file
access, process execution, and network connections without requiring
any customer action for maintenance, deployment, or updates.
- Guard
Duty RDS protection provides extended coverage for data stored in
Amazon Aurora databases by identifying potential threats to data stored
without compromising performance, productivity, or availability.
- Newly
added GuardDuty Lambda Protection continuously monitors serverless
workloads while analyzing network communications to detect malicious
communications and compromising activity, such as cryptocurrency
mining.
