
Quick Start Security for AWS GuardDuty


AWS GuardDuty

Coralogix Extension For AWS GuardDuty Includes:

Dashboards - 1

Gain instantaneous visualization of all your AWS GuardDuty data.

GuardDuty Overview Dashboard

Alerts - 3

Stay on top of AWS GuardDuty key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

High Severity Event

This alert triggers whenever GuardDuty assigns high severity to an event or finding. AWS GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers details for visibility and remediation.

Impact: A high severity level indicates that the resource in question is compromised and is actively being used for unauthorized purposes.

Mitigation: It is recommended to treat any high-severity findings as a priority and take immediate remediation steps to prevent further unauthorized use of your resources. To investigate further, check fields such as 'type', 'description', 'title', etc. for more detail.

Medium Severity Event

This alert triggers whenever GuardDuty assigns medium severity to an event or finding. AWS GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers details for visibility and remediation.

Impact: A medium severity level indicates suspicious activity that deviates from normally observed behavior and, depending on your use case, may be indicative of a resource compromise.

Mitigation: To investigate further, check fields such as 'type', 'description', 'title', etc.

Low Severity Event

This alert triggers whenever GuardDuty assigns low severity to an event or finding. AWS GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers details for visibility and remediation.

Impact: A low severity level indicates attempted suspicious activity that did not compromise your network, for example, a port scan or a failed intrusion attempt.

Mitigation: To investigate further, check fields such as 'type', 'description', 'title', etc.

Integration

Learn more about Coralogix's out-of-the-box integration with AWS GuardDuty in our documentation.
