aws-security-reference-architecture-examples icon indicating copy to clipboard operation
aws-security-reference-architecture-examples copied to clipboard

Published 20 hours ago verified publisher icon aws-samples

[FEATURE] Improvements to the GuardDuty Solution

Open AdamDivall opened this issue 2 years ago • 2 comments

I've been reviewing the configurations of GuardDuty following a base deployment on top of Control Tower and have noticed that there is no configuration option within the Current Automation to Enable EKS Audit Logs or the New Malware Protection option.

Would be extremely useful for these aspects to be added in longer term.

Thanks in Advance.

AdamDivall avatar Aug 03 '22 08:08 AdamDivall

Thank you for the feature request @AdamDivall. We will add these 2 items to our backlog.

andywick-aws avatar Aug 03 '22 18:08 andywick-aws

@andywick-aws Another thing in relation to the EKS Audit Logs being enabled would be to be able to integrate it with Amazon Detective as per the Blog Post

AdamDivall avatar Aug 05 '22 15:08 AdamDivall

Hello @AdamDivall these plus other guardduty features have been added. See https://github.com/aws-samples/aws-security-reference-architecture-examples/commit/97e9968a2e6011f6919c02083f6220bde89c802e

liamschn avatar Jun 22 '23 20:06 liamschn