Amazon GuardDuty is a fully managed threat detection service. GuardDuty uses both known and unknown threat detection systems to protect one or more AWS accounts from malicious or unauthorized activity. GuardDuty examines your CloudTrail, VPC Flow Logs, and DNS Query logs for threats identified by AWS and trusted partners and produces detailed, actionable findings.
The AWS Web Application Firewall (WAF) is a (relatively) recent addition to AWS’s already mature lineup of scalable, fault-tolerant, managed services. The WAF provides AWS customers with a flexible and cost-effective platform that protects web applications from malicious users, content abusers, and DDoS attackers.
Amazon Macie was introduced in 2017 and provides AWS customers with the ability detect and protect sensitive information such as intellectual property (IP) or personally identifiable information (PII), including credit card or social security numbers. Amazon Macie uses machine learning (ML) to identify classified information and to alert customers when unusual activity is detected. Continue reading “Amazon Macie”