Continuously monitor your AWS accounts, instances, container workloads, users, databases, and storage for potential threats.
Expose threats quickly using anomaly detection, ML, behavioral modeling, and threat intelligence feeds from AWS and leading third parties.
Mitigate threats early by initiating automated responses.
How it works
Improve security operations visibility
Gain insight of compromised credentials, unusual data access in Amazon Simple Storage Service (S3), suspicious logins in Amazon Aurora (Preview), and API calls from known malicious IP addresses.
Assist security analysts in investigations
Receive security event findings with context, metadata, and impacted resource details, and determine their root cause using GuardDuty console integration with Amazon Detective.
Identify files containing malware
Scan Amazon Elastic Block Store (EBS) for files that might have malware creating suspicious behavior on instance and container workloads running on Amazon Elastic Compute Cloud (EC2).
How to get started
Watch a brief introductory video
Learn how easy it is to add and use GuardDuty to help detect potential security issues in your AWS deployments.
Explore GuardDuty features
GuardDuty is a threat detection service that provides you with an accurate and easy way to continuously monitor and protect AWS accounts and workloads.
Begin a 30-day free trial
Try GuardDuty for 30 days at no cost. You will receive full access to GuardDuty features and its detection findings during the free trial.