Skip to main content

AWS - GuardDuty

Amazon Web Services Guard Duty Service (gd)

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.

What does this pack do

This integration enables you to:

  • Create an AWS GuardDuty detector on the integration instance specified AWS account.
  • Retrieve, update, or delete Amazon GuardDuty detectors.
  • Create, retrieve, update, or delete a list of IP addresses that are trusted for secure communication with AWS infrastructure and applications.
  • Create, retrieve, or delete a set of known malicious IP addresses.
  • Retrieve lists or descriptions of Amazon GuardDuty findings (a potential security issue detected within your network).
  • Archive Amazon GuardDuty findings.
  • Retrieve a description of the Amazon GuardDuty members.

PUBLISHER

Cortex XSOAR

INFO

CertificationRead more
Supported ByCortex XSOAR
CreatedNovember 9, 2020
Last ReleaseSeptember 8, 2021
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.