GuardDuty PNG and SVG Icon
Amazon GuardDuty is a threat detection service that continuously monitors for malicious or unauthorized behavior to help protect your AWS accounts and workloads.
Last Modified: August 29, 2025
16px
32px
48px
64px
Details
Key Features
- Detects threats using machine learning and AWS data sources.
- Monitors VPC flow logs, CloudTrail, and DNS logs.
- Generates actionable security findings.
- Operates without additional security infrastructure.
Common Use Cases
- Detect suspicious network traffic in AWS
- Identify compromised IAM credentials
- Alert on unusual API calls from unfamiliar locations
Explore More Icons
Classic Load Balancer
Classic Load Balancer is the legacy Elastic Load Balancing option for distributing incoming traffic across EC2 instances.
Elastic Inference
Amazon Elastic Inference allows you to attach low-cost GPU-powered inference acceleration to Amazon EC2 and SageMaker instances.
Pinpoint APIs
Amazon Pinpoint APIs provide programmatic access to campaigns, user segments, message templates, and analytics for engaging customers through push, email, and SMS.
VPC Lattice
Amazon VPC Lattice helps you securely connect, monitor, and manage service-to-service communication in a consistent way.
VPN Connection
A VPN Connection in AWS provides encrypted connectivity between your data center or device and your AWS VPC.
Amplify
AWS Amplify is a set of tools and services that helps developers build scalable, full-stack web and mobile applications on AWS.
Compute Optimizer
AWS Compute Optimizer uses machine learning to recommend optimal AWS compute resources for your workloads to reduce cost and improve performance.
Comprehend Medical
Amazon Comprehend Medical is a HIPAA-eligible NLP service that extracts medical information from unstructured clinical text.
DeepLens
AWS DeepLens is a deep learning-enabled video camera for developers to run ML models locally on edge devices in real time.
Cloud Map
AWS Cloud Map lets you register custom names for your application resources, allowing your applications to discover them using DNS or API calls.
EMR
Amazon EMR (Elastic MapReduce) is a cloud big data platform for processing massive amounts of data using open-source tools like Apache Spark, Hive, and Hadoop.
Neuron
AWS Neuron is a software development kit (SDK) that enables running high-performance ML models on AWS Inferentia-based instances.
Organizational Unit
An Organizational Unit in AWS Organizations is a container for organizing AWS accounts for policy-based management.
Transcribe
Amazon Transcribe is an automatic speech recognition (ASR) service that converts speech into text for applications like subtitles and transcription.
Route 53
Amazon Route 53 is a scalable and highly available Domain Name System (DNS) web service for domain registration and traffic routing.
Elastic Container Service
Amazon Elastic Container Service (ECS) is a fully managed container orchestration service that allows you to run and scale containerized applications.
WorkMail
Amazon WorkMail is a secure, managed business email and calendar service that supports existing desktop and mobile email clients.
Distro for OpenTelemetry
AWS Distro for OpenTelemetry is a secure, production-ready distribution of the OpenTelemetry project for collecting observability data.
SageMaker AI
Amazon SageMaker is a fully managed service that enables developers and data scientists to build, train, and deploy ML models at scale.
Connect
Amazon Connect is a cloud-based contact center service that provides tools for customer engagement via voice, chat, and tasks with real-time analytics and AI-powered features.
Ground Station
AWS Ground Station is a fully managed service that lets you control satellite communications, process data, and scale operations without building ground infrastructure.
MFA Token
An MFA Token is used in AWS Multi-Factor Authentication to provide an additional layer of security by requiring a one-time code from a hardware or virtual device.
Chatbot
AWS Chatbot is an interactive agent that helps you monitor and interact with AWS resources from chat platforms like Slack or Microsoft Teams.
Lambda
AWS Lambda is a serverless compute service that lets you run code without provisioning or managing servers, triggered by events and scaled automatically.