Posted On: Mar 28, 2023
Amazon GuardDuty has added new functionality to its integration with AWS Organizations to make it even simpler to enforce threat detection across all accounts in an organization. Since April 2020, GuardDuty customers can leverage its integrations with AWS Organizations to manage GuardDuty for up to 5,000 AWS accounts, as well as automatically apply threat detection coverage to new accounts added to the organization. In some case, this could still result in coverage gaps, for example, if GuardDuty was not applied to all existing accounts, or if it was unintentionally suspended in individual accounts. Now with a few steps in the GuardDuty console, or one API call, delegated administrators can enforce GuardDuty threat detection coverage for their organization by automatically applying the service to all existing and new accounts, as well as automatically identifying and remediating potential coverage drift. To learn more, see the Amazon GuardDuty account management User Guide.
Customers across industries and geographies use Amazon GuardDuty to protect their AWS environments, including over 90% of AWS’s 2,000 largest customers. GuardDuty continuously monitors for malicious or unauthorized behavior to help protect your AWS resources, including your AWS accounts, access keys, EC2 instances, EKS clusters, data stored in S3, and Aurora databases. You can begin your 30-day free trial of Amazon GuardDuty with a single-click in the AWS Management Console. To receive programmatic updates on new GuardDuty features and threat detections, subscribe to the Amazon GuardDuty SNS topic.