com.amazonaws.services.guardduty.package-info Maven / Gradle / Ivy
Show all versions of aws-java-sdk-guardduty Show documentation
/*
* Copyright 2015-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
/**
*
* Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources:
* VPC Flow Logs, AWS CloudTrail event logs, and DNS logs. It uses threat intelligence feeds (such as lists of malicious
* IPs and domains) and machine learning to identify unexpected, potentially unauthorized, and malicious activity within
* your AWS environment. This can include issues like escalations of privileges, uses of exposed credentials, or
* communication with malicious IPs, URLs, or domains. For example, GuardDuty can detect compromised EC2 instances that
* serve malware or mine bitcoin.
*
*
* GuardDuty also monitors AWS account access behavior for signs of compromise. Some examples of this are unauthorized
* infrastructure deployments such as EC2 instances deployed in a Region that has never been used, or unusual API calls
* like a password policy change to reduce password strength.
*
*
* GuardDuty informs you of the status of your AWS environment by producing security findings that you can view in the
* GuardDuty console or through Amazon CloudWatch events. For more information, see the Amazon GuardDuty User Guide .
*
*/
package com.amazonaws.services.guardduty;