Posted On: May 23, 2019
Amazon GuardDuty is now a Service Organization Control (SOC) compliant service. This compliance certification applies to all AWS Regions where Amazon GuardDuty is available.
Amazon GuardDuty is a managed threat detection service that continuously monitors your AWS resources for malicious or unauthorized behavior to help you protect your AWS accounts and workloads.
Amazon GuardDuty is now SOC 1, 2, and 3 compliant, allowing you to get deep insight into the security processes and controls that protect customer data. AWS SOC (System and Organization Controls) reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives. These reports are often used across diverse industries, such as technology, healthcare, banking and financial services, and in support of Sarbanes-Oxley (SOX) efforts.
In addition to meeting standards for SOC, Amazon GuardDuty is in scope for PCI-DSS and ISO (9001, 27001, 27017, and 27018) compliance, and HIPAA eligibility. You can go to the Services in Scope by Compliance Program page to see a full list.
Amazon GuardDuty monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers. Enabled with a few clicks in the AWS Management Console, Amazon GuardDuty can immediately begin analyzing billions of events across your AWS accounts for signs of risk. It does not require you to deploy and maintain software or security infrastructure, meaning it can be enabled quickly with no risk of negatively impacting existing application workloads.