- It is a security service used for continuous monitoring of an account
- It can be integrated with supported data sources, constantly monitoring them
- It uses AI/ML and thread intelligent feeds for monitoring for suspicious activities
- Identifies any unexpected and unauthorized activity and it tries to spot odd activities
- If it finds something, it can be configured to notify us or to do event-driven protection/remediation
- Supports multiple accounts (Master and Member accounts)
- GuardDuty architecture:
