Amazon Web Services (AWS) GuardDuty, the company’s threat detection service in the cloud (opens in new tab), is getting three new features that should further strengthen customer security.
In a press release, the cloud giant said that EKS Runtime Monitoring, GuardDuty RDS Protection, and GuardDuty Lambda Protection will provide expanded coverage and continuous enhancements in machine learning, anomaly detection, and integrated threat intelligence.
EKS Runtime Monitoring is tasked with better protecting containerized workloads; GuardDuty RDS Protection with data stored in Amazon Aurora databases, while GuardDuty Lambda Protection’s goal is to detect threats in serverless applications.
Free for all
The new features will be available to all current GuardDuty users – free of charge. To activate the tool, one should navigate to the AWS Management Console. GuardDuty was launched in 2017 and has since added more than 100 new threat detection capabilities, including the ability to detect credential exfiltration and compromise, AWS claims.
“GuardDuty’s new capabilities build on this powerful foundation to expand security detection and monitoring even further, to where customers tell us they need it most: containers’ runtime monitoring, databases, and serverless applications,” said Jon Ramsey, vice president for Security Services at AWS. “We’ve now more than tripled the number of managed detections since we introduced GuardDuty.”
For AWS, being able to collect and alert users on events related to security is “fundamental” to every risk management program. The challenge to get that done grows bigger by the day, with the ever-expanding threat landscape, and a growing number of security tools, created by different vendors.
The volume, and type, of threats also grows, as threat actors target web server instances with malware, cryptocurrency miners, and data exfiltration techniques. At the same time, the shortage of IT security pros makes defending the premises even harder.