Continuously monitor your AWS accounts, instances, container workloads, users, and storage for potential threats.
Expose threats quickly using anomaly detection, machine learning, behavioral modeling, and threat intelligence feeds from AWS and leading third-parties.
Mitigate threats early by initiating automated responses.
How it works
Improve security operations visibility
Gain insight of compromised credentials, unusual data access in Amazon S3, API calls from known malicious IP addresses, and more.
Assist security analysts in investigations
Receive security event findings with context, metadata, and impacted resource details, and determine their root cause using GuardDuty console integration with Amazon Detective.
Identify files containing malware
Scan Amazon Elastic Block Store (EBS) for files that might have malware creating suspicious behavior on instance and container workloads running on Amazon EC2.
How to get started
Watch a brief introductory video
Learn how easy it is to add and use GuardDuty to help detect potential security issues in your AWS deployments.
Explore GuardDuty features
GuardDuty is a threat detection service that provides you with an accurate and easy way to continuously monitor and protect AWS accounts and workloads.
Begin a 30-day free trial
Try GuardDuty for 30 days at no cost. You will receive full access to GuardDuty features and its detection findings during the free trial.