AWS Enhances GuardDuty with New Security Capabilities

Amazon Web Services (AWS), a subsidiary of, Inc., has announced three new capabilities for its threat detection service, Amazon GuardDuty, to bolster customer security through improved machine learning, anomaly detection, and integrated threat intelligence. The new features extend GuardDuty’s protection to container runtime behavior and both database and serverless environments, thus enabling businesses to react swiftly to potential security risks.

GuardDuty, a part of AWS’s comprehensive suite of security services, assists customers in identifying potential security threats, allowing their security teams to concentrate on high-priority tasks. The recently introduced capabilities are designed to provide robust protection for customer workloads, particularly in containerized, serverless, and database environments.

The first enhancement, EKS Runtime Monitoring, deepens threat detection inside containerized workloads. The second, GuardDuty RDS Protection, helps safeguard data stored in Amazon Aurora databases. Finally, GuardDuty Lambda Protection detects threats to serverless applications.

The changing cybersecurity landscape and the plethora of security tools from different vendors make integrating and scaling security detection and response across environments challenging. Additionally, the evolving workplace and threat landscape require Chief Information Security Officers (CISOs) to continuously enhance enterprise security to account for cloud adoption, remote working, and third-party infrastructure integration.

GuardDuty helps protect customers from emerging threats through ongoing innovation in machine learning, anomaly detection, and integrated threat intelligence. It uses machine learning detections trained to identify highly suspicious data access and any potential Amazon Elastic Compute Cloud (Amazon EC2) compromise. The threat detection service also comes with pre-integrated and continuously updated threat intelligence feeds from AWS and industry-leading, third-party providers such as CrowdStrike, Proofpoint, and Bitdefender.

The three new capabilities added to GuardDuty expand security coverage to other AWS workloads and core deployment use cases. These capabilities can be easily enabled organization-wide, providing actionable, contextual, and timely security findings with resource-specific details to aid quick investigation and response.

Jon Ramsey, vice president for Security Services at AWS, said, “GuardDuty’s new capabilities build on this powerful foundation to expand security detection and monitoring even further, to where customers tell us they need it most: containers’ runtime monitoring, databases, and serverless applications. We’ve now more than tripled the number of managed detections since we introduced GuardDuty.”

Prominent AWS customers, including Arctic Wolf Networks, Best Buy, GE Digital, Siemens, and cybersecurity startup Wiz, praised the new enhancements and the overall effectiveness of GuardDuty in securing their AWS workloads. GuardDuty continues to play an integral role in protecting businesses from emerging security threats, thereby fortifying their overall security posture.

To learn more about Amazon GuardDuty and its new capabilities, visit

Joshua Sophy is the Editor for Small Business Trends and has been a member of the team for 16 years. A professional journalist with 20 years of experience in traditional media and online media, he attended Waynesburg University and is a member of the Society of Professional Journalists. He has held roles of reporter, editor and publisher, having founded his own local newspaper, the Pottsville Free Press.