Activate AWS GuardDuty

Activate AWS GuardDuty to start monitoring and detecting threats in your AWS environment.

How to Activate GuardDuty

When you activate GuardDuty, the system will begin analyzing activities on EC2, S3, and other AWS services to detect threats and suspicious behaviors. This is an important step to ensure that your AWS resources are optimally protected.

Steps to Activate AWS GuardDuty:

  1. Log in to the AWS Management Console:
    • Access the AWS GuardDuty Console in the AWS Management Console.
    • Select Amazon GuardDuty - all features and click “Get started” to proceed to the next step.

GD

  1. Click the “Enable GuardDuty” button to activate the service:

    New accounts get a free 30-day trial from AWS.

    • If it’s your first time using it, you’ll see an Enable GuardDuty button.
    • Click this button to start the activation process.

GD

  1. Confirm the configuration and start scanning:
    • GuardDuty will automatically start scanning your resources and monitoring activities on EC2, S3, and other AWS services.
    • Once activated, GuardDuty will begin detecting potential threats and send alerts if any suspicious behavior is found.

GD

  1. Check the findings:
    • After GuardDuty is active, you can go to the Findings section to view alerts and detected threats.
    • Here, you’ll see details about any threats that have been identified.

GD

References: