Amazon GuardDuty

AWSSecurityFree tier available

Intelligent threat detection service that continuously monitors CloudTrail, VPC flow logs, and DNS logs using ML and curated threat intelligence feeds

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore AWS in TreemapExplore security in Honeycomb
DocumentationPricing

Attributes

SLA Uptime
99.9%
ML Powered
Yes
Multi Account
Yes

Sub-services (3)

Threat Findings

ML-based anomaly detections across accounts and regions

Malware Protection

Agentless malware scanning for EC2 and ECS workloads

Runtime Monitoring

Real-time container runtime threat detection for EKS and ECS

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRSOC 2ISO 27001HIPAAPCI DSSFedRAMP

Where this runs

38 regions
27 countries
5sovereign
Sovereign regions (5)
  • AWS GovCloud (US-East) · AshburnAWS GovCloud (US)
  • AWS GovCloud (US-West) · HillsboroAWS GovCloud (US)
  • AWS European Sovereign Cloud (Brandenburg) · BrandenburgAWS European Sovereign Cloud
  • China (Beijing) · BeijingAWS China (Sinnet)
  • China (Ningxia) · YinchuanAWS China (NWCD)
Commercial regions (33)

Europe (8)

  • Europe (Paris)
  • Europe (Frankfurt)
  • Europe (Ireland)
  • Europe (Milan)
  • Europe (Spain)
  • Europe (Stockholm)
  • Europe (Zurich)
  • Europe (London)

North America (7)

  • Canada West (Calgary)
  • Canada (Central)
  • Mexico (Central)
  • US East (N. Virginia)
  • US West (Oregon)
  • US East (Ohio)
  • US West (N. California)

South America (1)

  • South America (São Paulo)

Asia (11)

  • Asia Pacific (Hong Kong)
  • Asia Pacific (Hyderabad)
  • Asia Pacific (Mumbai)
  • Asia Pacific (Jakarta)
  • Asia Pacific (Osaka)
  • Asia Pacific (Tokyo)
  • Asia Pacific (Malaysia)
  • Asia Pacific (Singapore)
  • Asia Pacific (Seoul)
  • Asia Pacific (Taipei)
  • Asia Pacific (Thailand)

Oceania (2)

  • Asia Pacific (Melbourne)
  • Asia Pacific (Sydney)

Middle East (3)

  • Middle East (Bahrain)
  • Israel (Tel Aviv)
  • Middle East (UAE)

Africa (1)

  • Africa (Cape Town)

Tags

threat-detectionsecurity-monitoringanomalycompliance

Equivalent services on other platforms

Microsoft SentinelAzure

Cloud-native SIEM and security orchestration platform (now Microsoft Sentinel) with ML-based threat detection, hunting queries, playbook automation, and 100+ data connectors

Security Command CenterGCP

Centralised security and risk management platform for GCP with asset inventory, vulnerability scanning, threat detection, compliance reporting, and security posture dashboards

Pricing

Pricing model:pay-as-you-go