Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.
What does this pack do
This integration enables you to:
- Create an AWS GuardDuty detector on the integration instance specified AWS account.
- Retrieve, update, or delete Amazon GuardDuty detectors.
- Create, retrieve, update, or delete a list of IP addresses that are trusted for secure communication with AWS infrastructure and applications.
- Create, retrieve, or delete a set of known malicious IP addresses.
- Retrieve lists or descriptions of Amazon GuardDuty findings (a potential security issue detected within your network).
- Archive Amazon GuardDuty findings.
- Retrieve a description of the Amazon GuardDuty members.