Amazon GuardDuty
Protect your AWS accounts with intelligent threat detection
Start your 30-day free trial
with the AWS Free Tier
Continuously monitor your AWS accounts, instances, container workloads, users, databases, and storage for potential threats.
Expose threats quickly using anomaly detection, ML, behavioral modeling, and threat intelligence feeds from AWS and leading third parties.
Mitigate threats early by initiating automated responses.
How it works
Use cases
Improve security operations visibility
Gain insight of compromised credentials, unusual data access in Amazon Simple Storage Service (S3), suspicious logins in Amazon Aurora, and API calls from known malicious IP addresses.
Assist security analysts in investigations
Receive security event findings with context, metadata, and impacted resource details, and determine their root cause using GuardDuty console integration with Amazon Detective.
Identify files containing malware
Scan Amazon Elastic Block Store (EBS) for files that might have malware creating suspicious behavior on instance and container workloads running on Amazon Elastic Compute Cloud (EC2).
Route insightful information on security findings
Route findings to your preferred operational tools using integrations with AWS Security Hub and Amazon EventBridge.
Customers
How to get started
Find out how Amazon GuardDuty works
Learn more about the features and capabilities that GuardDuty offers.
Learn about customers using GuardDuty
See how global companies are using GuardDuty to protect their AWS accounts with intelligent threat detection.
Get started with GuardDuty on the AWS Free Tier
Try GuardDuty for 30 days at no cost and get full access to GuardDuty features and detection findings.