Study Guides/AWS Cybersecurity Notes/Security Hub & Guard Duty: Revision history

25 May 2026

• curprev 01:3601:36, 25 May 2026‎ Mflavell talk contribs‎ 3,690 bytes +347‎ →‎Findings & Cloudwatch
• curprev 00:3700:37, 25 May 2026‎ Mflavell talk contribs‎ 3,343 bytes +332‎ No edit summary

23 May 2026

• curprev 23:5323:53, 23 May 2026‎ Mflavell talk contribs‎ 3,011 bytes +195‎ No edit summary
• curprev 23:4923:49, 23 May 2026‎ Mflavell talk contribs‎ 2,816 bytes +42‎ No edit summary
• curprev 23:4723:47, 23 May 2026‎ Mflavell talk contribs‎ 2,774 bytes 0‎ →‎Amazon Guard Duty
• curprev 22:2022:20, 23 May 2026‎ Mflavell talk contribs‎ 2,774 bytes +467‎ →‎Amazon Guard Duty
• curprev 22:0722:07, 23 May 2026‎ Mflavell talk contribs‎ 2,307 bytes +909‎ No edit summary

22 May 2026

• curprev 01:2101:21, 22 May 2026‎ Mflavell talk contribs‎ 1,398 bytes +565‎ →‎VPC Flow logs
• curprev 01:1401:14, 22 May 2026‎ Mflavell talk contribs‎ 833 bytes +833‎ Created page with " = Amazon Guard Duty = This is a managed threat detection service. :* Uses machine learning :* Can process millions of events, captured by: ::* CloudTrail ::* DNS (Route 53) ::* VPC Flow longs This service learns what is normal in the account to find abnormal actions. :* Can detect connections with unisal sources. :* EG: data been exfiltrated to a remote FTP server This is a ''always on'' service: :* Issues can be found without incurring a performance hit...."