Posted On: Aug 22, 2023

Amazon GuardDuty announces a new capability to help customers streamline and simplify how they set up and administer protection plan coverage across all member accounts in an organization. Delegated Administrators (DAs) can now enable one or more GuardDuty features, for all existing and newly-added members of an organization within the same region and helps ensure consistent security coverage across their organization.

Customers across many industries and geographies use Amazon GuardDuty to protect their workloads, applications, and data on AWS, including more than 90% of AWS’s 2,000 largest customers. GuardDuty can identify unusual or unauthorized activity like cryptocurrency mining, access to data stored in Amazon Simple Storage Service (Amazon S3) from unusual locations, or unauthorized access to Amazon Elastic Kubernetes Service (Amazon EKS) clusters. GuardDuty Malware Protection adds file scanning for workloads utilizing Amazon Elastic Block Store (Amazon EBS) volumes to detect the presence of malware. GuardDuty EKS Runtime Monitoring extends the ability to do runtime threat detection for Amazon EKS nodes and containers by monitoring system data telemetry, such as file access, process execution, and network connections.

You can begin your 30-day free trial of Amazon GuardDuty or any of the new coverage features not currently in use with a single click in the AWS Management Console or Amazon GuardDuty console. Please visit the AWS Regions page for all the regions where GuardDuty is available. To receive programmatic updates on new GuardDuty features and threat detections, subscribe to the Amazon GuardDuty SNS topic.