💼 [GuardDuty.13] GuardDuty EC2 Runtime Monitoring should be enabled

ID: /frameworks/aws-fsbp-v1.0.0/guardduty/13

Description

GuardDuty Runtime Monitoring observes and analyzes operating system-level, networking, and file events to help you detect potential threats in specific AWS workloads in your environment. It uses GuardDuty security agents that add visibility into runtime behavior, such as file access, process execution, command line arguments, and network connections. You can enable and manage the security agent for each type of resource that you want to monitor for potential threats. This includes Amazon EC2 instances.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/guardduty-controls.html#guardduty-13

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS GuardDuty Detector Runtime Monitoring is not enabled🟢	1	🟢 x6	no data

Description​

Similar​

Sub Sections​

Policies (1)​

Description

Similar

Sub Sections

Policies (1)