Amazon Web Services
Amazon Web Services (AWS) is a comprehensive cloud computing platform providing infrastructure, platform, and software services.
logforge templates install aws
AWS GuardDuty vAll
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect AWS accounts, workloads, and data. It analyzes VPC Flow Logs, CloudTrail events, and DNS logs to identify threats.
Findings
GuardDuty Attack Sequence Finding Types
AWS GuardDuty Extended Threat Detection attack sequence findings detecting multi-stage attacks across EKS, ECS, EC2, IAM, and S3 resources using proprietary correlation algorithms
GuardDuty EC2 Finding Types
GuardDuty EKS Protection Finding Types
GuardDuty IAM Finding Types
GuardDuty Lambda Protection Finding Types
GuardDuty Malware Protection for Backup Finding Types
GuardDuty Malware Protection for EC2 Finding Types
GuardDuty Malware Protection for S3 Finding Type
GuardDuty RDS Protection Finding Types
CloudTrail v1.11
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account.
Management
CloudTrail Delete Trail Event
AWS CloudTrail DeleteTrail API call event in OCSF format
EC2 Create Snapshot
IAM Delete Policy Event