com.amazonaws.services.guardduty.package-info Maven / Gradle / Ivy
Show all versions of aws-java-sdk-guardduty Show documentation
/*
* Copyright 2015-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
/**
*
* Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources:
* VPC Flow Logs, AWS CloudTrail event logs, and DNS logs. It uses threat intelligence feeds, such as lists of malicious
* IPs and domains, and machine learning to identify unexpected and potentially unauthorized and malicious activity
* within your AWS environment. This can include issues like escalations of privileges, uses of exposed credentials, or
* communication with malicious IPs, URLs, or domains. For example, GuardDuty can detect compromised EC2 instances
* serving malware or mining bitcoin. It also monitors AWS account access behavior for signs of compromise, such as
* unauthorized infrastructure deployments, like instances deployed in a region that has never been used, or unusual API
* calls, like a password policy change to reduce password strength. GuardDuty informs you of the status of your AWS
* environment by producing security findings that you can view in the GuardDuty console or through Amazon CloudWatch
* events. For more information, see Amazon GuardDuty User Guide.
*
*/
package com.amazonaws.services.guardduty;