Monday, 7 October 2024

GuardDuty LAB

 

1. Enable GuardDuty

  • Navigate to the GuardDuty console: In the AWS Management Console, search for "GuardDuty" and select the GuardDuty service.
  • Enable GuardDuty: Click on "Enable GuardDuty".
    • Image of enabling GuardDuty in the AWS Management Console

2. Create a Detector

  • Create a detector: Click on "Create detector".
  • Name your detector: Give your detector a unique name.
  • Choose a region: Select the region where you want to create your detector.
  • Create the detector: Click on "Create detector".
    • Image of creating a detector in the AWS GuardDuty console





3. Review Findings

  • Review findings: GuardDuty will automatically analyze your logs and identify potential security threats. You can view the findings in the GuardDuty console.
    • Image of reviewing findings in the AWS GuardDuty console

4. Investigate Findings

  • Investigate findings: Use the GuardDuty console to investigate the identified findings and determine if they pose a security threat.
    • Image of investigating findings in the AWS GuardDuty console

5. Take Action

  • Take action: If a finding is confirmed to be a security threat, take appropriate action to mitigate the risk.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)