Benchmark: GuardDuty
Overview
This section contains recommendations for configuring AWS GuardDuty resources and options.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select GuardDuty.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.foundational_security_guardduty
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.foundational_security_guardduty --share
Controls
- 1 GuardDuty should be enabled
- 5 GuardDuty EKS Audit Log Monitoring should be enabled
- 6 GuardDuty Lambda Protection should be enabled
- 7 GuardDuty EKS Runtime Monitoring should be enabled
- 8 GuardDuty Malware Protection for EC2 should be enabled
- 9 GuardDuty RDS Protection should be enabled
- 10 GuardDuty S3 Protection should be enabled
- 11 GuardDuty Runtime Monitoring should be enabled
- 12 GuardDuty ECS Runtime Monitoring should be enabled
- 13 GuardDuty EC2 Runtime Monitoring should be enabled