GuardDuty is a must have for AWS environments
May 15, 2022

GuardDuty is a must have for AWS environments

Alex Kranz | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Amazon GuardDuty

We have a multi-tenant AWS environment with dozens of AWS account all managed under control tower. We use GuardDuty on every AWS account and it has been incredibly useful for monitoring the security of our AWS accounts.
  • Monitors outgoing connections from AWS resources to known malicious hosts.
  • Monitors incoming connection to AWS resources from known malicious hosts.
  • Integrates with other centralized logging solutions.
  • Does not have the ability to add any custom monitors.
  • The automatic and AWS managed threat detection.
  • The ability to integrate with other centralized logging solutions.
  • GuardDuty has helped us prevent possible security incidents multiple times which could have caused substantial damage.

Do you think Amazon GuardDuty delivers good value for the price?

Yes

Are you happy with Amazon GuardDuty's feature set?

Yes

Did Amazon GuardDuty live up to sales and marketing promises?

Yes

Did implementation of Amazon GuardDuty go as expected?

Yes

Would you buy Amazon GuardDuty again?

Yes

In a multi-account/multi-tenant environment, GuardDuty often alerts us to possible malicious traffic before it becomes an issue. The ability to automatically enable GuardDuty creates baseline security which is crucial when an account is first created. It also helps greatly in environments where other users are able to create resources as often GuardDuty alerts us to insecure resources we did not know about. It can however sometimes be a little overzealous with its assessments alerting on benign activity which then requires suppression rules.