GUARDDUTY

By Criticality

By Category

Current Settings

Region	FlowLogs	CloudTrail	DnsLogs	S3Logs	Kubernetes AuditLogs	MalwareProtection ScanEc2InstanceWithFindings	Total
ap-southeast-1	$0.0000	$0.0980	$0.0000	$0.0002	$0.0000	$0.0000	$0.09820000000000001
us-east-1	$0.0000	$0.0059	$0.0000	$0.0160	$0.0000	$0.0000	$0.0219

All findings

High Severity

Medium Severity

IAMUser
- Persistence:IAMUser/AnomalousBehavior
  - us-east-1: (75), The user AssumedRole : OrganizationAccountAccessRole is anomalously invoking APIs commonly used in Persistence tactics. | (19 days ago), 22cbae66e225d702a224faf72ebfd4f9

Low Severity

IAMUser
- Discovery:IAMUser/AnomalousBehavior
  - ap-southeast-1: (150), The user AssumedRole : OrganizationAccountAccessRole is anomalously invoking APIs commonly used in Discovery tactics. | (19 days ago), 64cbae64b1b7f41289aaec88e2d2ecb6
  - ap-southeast-1: (127), The user AssumedRole : OrganizationAccountAccessRole is anomalously invoking APIs commonly used in Discovery tactics. | (26 days ago), aecb9a8abc89a4378d398c3b86a79b67
  - ap-southeast-1: (100), The user AssumedRole : AWSReservedSSO_AWSAdministratorAccess_fae89f7963febc98 is anomalously invoking APIs commonly used in Discovery tactics. | (26 days ago), 90cb9a8bb035f6baac40f68d5940223e
  - us-east-1: (78), The user AssumedRole : OrganizationAccountAccessRole is anomalously invoking APIs commonly used in Discovery tactics. | (19 days ago), 36cbae66e1ff24cb361ba7e13bef914d
  - us-east-1: (47), The user AssumedRole : AWSReservedSSO_AWSAdministratorAccess_fae89f7963febc98 is anomalously invoking APIs commonly used in Discovery tactics. | (26 days ago), a2cb9a8e079b82e863ff514fe0bd660b

S3
- Discovery:S3/AnomalousBehavior
  - ap-southeast-1: (1), An API commonly used to discover S3 objects was invoked in an unusual way. | (19 days ago), d2cbae654a49917f7b6ecc83365de373