Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.
Amazon GuardDuty can be integrated with EventTracker using the EventTracker Lambda function. After the logs are received from GuardDuty, EventTracker alerts you to the following findings:
The EventTracker dashboard displays a summarized view of GuardDuty findings by threat type and source IP, along with a map view of the source locations of suspicious activities.
EventTracker reports provide an activity summary on a scheduled basis. These reports also furnish details about all activities, the resources affected, the threat actor, etc.
After AWS GuardDuty is configured to deliver events to the EventTracker manager, alerts, saved searches, dashboards, and reports can be configured in EventTracker.
Some of the knowledge packs available in EventTracker are listed below. For more information, refer to the Integration Guide.
The configuration details in this guide are consistent with EventTracker version 9.2 and later, and AWS GuardDuty.
To configure AWS GuardDuty to send logs to EventTracker, refer to the How-to Guide.
For more information, please refer to the Integration Guide.