Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.
Version: AWS GuardDuty.
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.
Amazon GuardDuty can be integrated with Netsurion using a Lambda function. After the logs are received from GuardDuty, Netsurion alerts you to the following findings:
The Netsurion dashboard displays a summarized view of GuardDuty findings by threat type and source IP, along with a map view of the source locations of suspicious activities.
Netsurion reports provide activity summaries on a scheduled basis. These reports also furnish details about all activities, the resources affected, the threat actor, etc.
After configuring AWS GuardDuty to deliver events to the Netsurion manager, alerts, saved searches, dashboards and reports can be configured in Netsurion.
The configuration details in this guide are consistent with the Netsurion Open XDR platform version 9.2 and later, and AWS GuardDuty.
Download the Integration Guide and How-to Guide for more information and configuration instructions.