Posted On: May 23, 2019
HAQM GuardDuty is now a Service Organization Control (SOC) compliant service. This compliance certification applies to all AWS Regions where HAQM GuardDuty is available.
HAQM GuardDuty is a managed threat detection service that continuously monitors your AWS resources for malicious or unauthorized behavior to help you protect your AWS accounts and workloads.
HAQM GuardDuty is now SOC 1, 2, and 3 compliant, allowing you to get deep insight into the security processes and controls that protect customer data. AWS SOC (System and Organization Controls) reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives. These reports are often leveraged by diverse industries, such as technology, healthcare, banking and financial services, and used for Sarbanes-Oxley (SOX) efforts.
In addition to meeting standards for SOC, HAQM GuardDuty is in scope for PCI-DSS and ISO (9001, 27001, 27017, and 27018) compliance, and HIPAA eligibility. You can go to the Services in Scope by Compliance Program page to see a full list.
HAQM GuardDuty monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers. Enabled with a few clicks in the AWS Management Console, HAQM GuardDuty can immediately begin analyzing billions of events across your AWS accounts for signs of risk. It does not require you to deploy and maintain software or security infrastructure, meaning it can be enabled quickly with no risk of negatively impacting existing application workloads.
You can enable your 30-day free trial of HAQM GuardDuty with a single-click in the AWS Management console. To learn more, see HAQM GuardDuty Findings and to start your 30-day free trial, see HAQM GuardDuty Free Trial.