
Monitoring: Amazon GuardDuty

Amazon GuardDuty automates security monitoring for your Amazon Web Services (AWS) environments to detect potentially unauthorized and malicious activity. With GuardDuty, you receive recommendations for mitigating threats, including specific guidance derived from cloud-native detection APIs.

Why should you monitor Amazon GuardDuty findings?

To benefit from the real-time security monitoring provided by GuardDuty, it is crucial to respond to potential threats as fast as possible. Therefore, it is necessary to keep an eye on new GuardDuty findings. The following figure shows how marbot configures monitoring for GuardDuty and escalates alerts among team members.

Monitoring: Amazon GuardDuty

How does monitoring Amazon GuardDuty work?

Without further ado, marbot notifies you about Amazon GuardDuty findings. Here is what an alert caused by a GuardDuty finding looks like in Microsoft Teams.

Amazon GuardDuty alert in Microsoft Teams

And here is the same alert in Slack.

Amazon GuardDuty alert in Slack

How do you set up monitoring of Amazon GuardDuty?

marbot works with Slack and Microsoft Teams. Please select your platform and follow the Getting Started guide.

Which events does marbot monitor in detail?

marbot creates EventBridge rules to monitor the following events automatically.

Event Type | Description
GuardDuty Finding | Get alerted in case of findings with severity >= 7.

More help needed? Or want to share feedback?

If you experience any issues, let us know.
